Context Navigation

← Previous Changeset
Next Changeset →

Changeset 3308806

Timestamp:

06/10/2025 12:47:39 AM (10 months ago)

Author:

MarkODonnell

Message:

Committing 1.5.2 for WP Plugin Team Review.

Location:

coaching-staffs/trunk

Files:

: 4 edited

includes/mstw-coaching-staffs-admin.php (modified) (1 diff)
mstw-coaching-staffs.php (modified) (8 diffs)
readme.txt (modified) (2 diffs)
theme-templates/single-coach.php (modified) (3 diffs)

Legend:

: Unmodified
: Added
: Removed

coaching-staffs/trunk/includes/mstw-coaching-staffs-admin.php

-                      r3290731
+                      r3308806
         if( $typenow == 'staff_position' ) {
+            $taxonomy_slugs = array( 'staffs' );
+            foreach ( $taxonomy_slugs as $tax_slug ) {
+                //retrieve the taxonomy object for the tax_slug
+                $tax_obj = get_taxonomy( $tax_slug );
+                $tax_name = $tax_obj->labels->name;
+                $terms = get_terms( $tax_slug );
+            $tax_slug = 'staffs';
+            //retrieve the taxonomy object for the tax_slug
+            $tax_obj = get_taxonomy( $tax_slug );
+            $tax_name = $tax_obj->labels->name;
+            $terms = get_terms( $tax_slug );
+            //output the html for the drop down menu
+            ?><select name='<?php echo esc_html( $tax_slug )?>' id='<?php echo esc_html( $tax_slug )?>' class='postform'>
+                <option value=''><?php esc_html_e( 'Show All Staffs', 'coaching-staffs')?></option>
+                <?php
+                //output each select option line
+                foreach ($terms as $term) {
+                    //check against the last $_GET to show the current selection
+                    if ( array_key_exists( $tax_slug, $_GET ) ) {
+                        $selected = ( $_GET[$tax_slug] == $term->slug ) ? ' selected' : '';
+                    } else {
+                        $selected = '';
+                    }
+                    ?>
+                    <option value='<?php echo esc_html( $term->slug )?>' <?php echo esc_html( $selected )?>> <?php echo esc_html( $term->name . '(' . $term->count . ')' ) ?> </option>
+                    <?php
+                } //End: foreach ($terms as $term) {
-                //output the html for the drop down menu
-                ?><select name='<?php echo esc_html( $tax_slug )?>' id='<?php echo esc_html( $tax_slug )?>' class='postform'>
-                    <option value=''><?php esc_html_e( 'Show All Staffs', 'coaching-staffs')?></option>
-                    <?php
-                    //output each select option line
-                    foreach ($terms as $term) {
-                        //check against the last $_GET to show the current selection
-                        if ( array_key_exists( $tax_slug, $_GET ) ) {
-                            $selected = ( $_GET[$tax_slug] == $term->slug ) ? ' selected' : '';
+                        }
-                        else {
-                            $selected = '';
+                        }
-                        ?>
-                        <option value='<?php echo esc_html( $term->slug )?>' <?php echo esc_html( $selected )?>> <?php echo esc_html( $term->name . '(' . $term->count . ')' ) ?> </option>
-                        <?php
+                    }
                 ?></select><?php
+            }
+        }
 } //End: mstw_cs_restrict_positions_by_staff
+        } //End: if( $typenow == 'staff_position' ) {
+    } //End: mstw_cs_restrict_positions_by_staff
  //-----------------------------------------------------------------

coaching-staffs/trunk/mstw-coaching-staffs.php

-                      r3304098
+                      r3308806
  * Plugin URI:  http://shoalsummitsolutions.com
  * Description: Manage and display coaching staffs. Front end displays include  coaching staff tables, a coaching staff galleries, and single coach profiles.
  * Version:     1.5.1
+ * Version:     1.5.2
  * Requires at least: 5.2
  * Requires PHP: 7.2
 …
             if ( '' == $uri_array ) {
                 mstw_log_msg( 'mstw_cs_get_posts: error with $_SERVER[REQUEST_URI]' );
+                mstw_log_msg ( 'query received:' ); mstw_log_msg( $query );
+                mstw_log_msg ( 'query received:' );
+                mstw_log_msg( $query );
                 return;
+            }
 …
             //'exclude_from_search' => false,
             //'show_ui'             => true,
             'show_in_menu'          => 'mstw-cs-main-menu', //=> true,
+            'show_in_menu'          => 'mstw-cs-main-menu', //=> true,
             //'menu_position'       => null,
             //'menu_icon'           => null,
 …
     $single_template = null;
     if ( $post->post_type == 'coach') {
+    if ( $post->post_type == 'coach') {
         $custom_coach_template = get_stylesheet_directory( ) . '/single-coach.php';
         $plugin_coach_template = dirname( __FILE__ ) . '/theme-templates/single-coach.php';
 …
 function mstw_cs_shortcode_handler( $atts ){
+    //mstw_log_msg( 'mstw_cs_shortcode_handler:' );
     // get the options set in the admin screen
     $options = get_option( 'mstw_cs_options' );
+    //mstw_log_msg( 'in mstw_cs_shortcode_handler ...' );
+    //mstw_log_msg( '$options:' );
+    //mstw_log_msg( $options );
     // and merge them with the defaults
     $args = wp_parse_args( $options, mstw_cs_get_defaults( ) );
-    //$output .= '<pre>ARGS:' . print_r( $args, true ) . '</pre>';
     // then merge the parameters passed to the shortcode with the result
     $attribs = shortcode_atts( $args, $atts );
+    //$output .= '<pre>ATTS:' . print_r( $atts, true ) . '</pre>';
+    //$output .= '<pre>ATTRIBS:' . print_r( $attribs, true ) . '</pre>';
+    $mstw_cs_staff_table = mstw_cs_build_staff_table( $attribs );
+    //$mstw_cs_staff_table = mstw_cs_build_staff_table( $atts );
+    //return $output;
+    $mstw_cs_staff_table = wp_kses( mstw_cs_build_staff_table( $attribs ), 'post' );
     return $mstw_cs_staff_table;
 …
 // Loops through the Staff Positions Custom posts in the "staff" category and formats them
 // into a pretty table.
+// --------------------------------------------------------------------------------------
+function mstw_cs_build_staff_table( $attribs ) {
+//
+// NOTE: for the most part, output is not escaped in this function because it is
+// escaped late by wp_kses() in the mstw_cs_shortcode_handler() function above.
+//
+// --------------------------------------------------------------------------------------
+function mstw_cs_build_staff_table( $attribs ) {
+    //mstw_log_msg( 'mstw_cs_build_staff_table:' );
     extract( $attribs );
     if ( !isset( $staff ) or $staff == '' ) {
         $output = '<h3>' . __( 'No Staff Specified', 'coaching-staffs' ) . '</h3>';
+        $output = '<h3>' . esc_html__( 'No Staff Specified', 'coaching-staffs' ) . '</h3>';
         return $output;
+    }
     $output = "";
-    // Settings from the admin page
-    //$options = get_option( 'mstw_cs_options' );
-    //extract( $options );
     // Show the table title = Name of Staff
     if ( $show_title ) {
         $term_array = get_term_by( 'slug', $staff, 'staffs' );
+        //mstw_log_msg( $staff );
+        //mstw_log_msg( $term_array );
         $staff_name = $term_array->name;
         $staff_class = 'staff-head-title staff-head-title-' . $staff;
         $output .= '<h1 class="' . $staff_class . '">' . $staff_name . '</h1>';
+        $staff_class = 'staff-head-title staff-head-title-' . esc_html( $staff );
+        $output .= '<h1 class="' . esc_html( $staff_class ) . '">' . esc_html( $staff_name ) . '</h1>';
+    }
     // Get the staff roster
     $posts = get_posts(array( 'numberposts' => -1,
                               'post_type' => 'staff_position',
                               'staffs' => $staff,
                               'orderby' => 'meta_value_num',
                               'meta_key' => 'mstw_cs_display_order',
                               'order' => 'ASC'
                             ));
+                                                        'post_type'     => 'staff_position',
+                                                        'staffs'            => $staff,
+                                                        'orderby'       => 'meta_value_num',
+                                                        'meta_key'      => 'mstw_cs_display_order',
+                                                        'order'             => 'ASC'
+                                                    ));
    if( $posts ) {
 …
         // Start with the table header
         $staff_class = 'mstw-cs-table-' . $staff;
         $output .= '<table class="mstw-cs-table ' . $staff_class . '">';
+        $staff_class = 'mstw-cs-table-' . esc_html( $staff );
+        $output .= '<table class="mstw-cs-table ' . esc_html( $staff_class ) . '">';
         // leave this open and check on styles from the admin settings
 …
     else { // No posts were found
     /* translators: %s is the staff name */
         $output =  $output . '<h3>' . sprintf( __( 'Sorry, No coaches found for staff: %s', 'coaching-staffs' ), $staff ) . '</h3>';
+        $output =  $output . '<h3>' . sprintf( esc_html__( 'Sorry, No coaches found for staff: %s', 'coaching-staffs' ), esc_html( $staff ) ) . '</h3>';
+    }

coaching-staffs/trunk/readme.txt

-                      r3304098
+                      r3308806
 Requires at least: 5.2
 Tested up to: 6.8
 Stable tag: 1.5.1
+Stable tag: 1.5.2
 Requires PHP: 7.2
 License: GPLv2 or later
 …
 == Changelog ==
+= 1.5 +
+= 1.5.2 =
+* Cleanup to fix issues in PCP check and WP Plugins Team
+= 1.5 =
 * Tested on PHP 8.2.23
 * A little minor code clean up. No function changes.

coaching-staffs/trunk/theme-templates/single-coach.php

-                      r3290731
+                      r3308806
  ?>
     <?php   //Validate the nonce
-    //$nonce = mstw_safe_get( 'mstw-cs-nonce', $_GET, '' );
     if ( isset( $_GET['mstw-cs-nonce'] ) ) {
-        //$safeNonce = mstw_safe_get( 'mstw-cs-nonce', $_GET, '' );
         if ( false == wp_verify_nonce(  sanitize_text_field( wp_unslash( $_GET[ 'mstw-cs-nonce' ] ) ), 'single-coach' ) ) {
             mstw_log_msg( "single-coach: invalid nonce" );
             die( __('fatal error encountered in single_coach', 'coaching-staffs' ) );
+            die( esc_html__('fatal error encountered in single_coach', 'coaching-staffs' ) );
+        }
     } else {
         mstw_log_msg( "single-coach: nonce not found" );
         die( __('fatal error encountered in single_coach', 'coaching-staffs' ) );
+        die( esc_html__('fatal error encountered in single_coach', 'coaching-staffs' ) );
+    }
     ?>
+    <?php get_header();
+    //mstw_log_msg( "starting single-coach: current post ID = " . $post->ID ); ?>
+    <?php get_header(); ?>
     <div id="primary">
         <div id="content" role="main">
 …
                 if ( $position_post ) {
                     $position = get_the_title( $position_post );
+                    //$position = mstw_safe_get( 'position', $_GET, '' );
+                    if ('' != $position ) {
+                        $term_list = wp_get_post_terms( $position, 'staffs' );
+                    }
+                    else {
+                        $term_list = null;
+                    }
+                    $term_list = wp_get_post_terms( $position_post, 'staffs' );
                 } else {
 …
                 ?>
                 <div class="coach-header <?php echo esc_url( $header_class ) ?>">
+                <div class="coach-header <?php echo esc_html( $header_class ) ?>">
                     <!-- First, figure out the coach's photo -->
                     <div id = "coach-photo">

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Download in other formats: