Merge remote-tracking branch 'origin/main' into bugs-5879

pantheon-systems · May 19, 2023 · de5b6b3 · de5b6b3
2 parents 4780024 + e10a8a8
commit de5b6b3
Show file tree

Hide file tree

Showing 7 changed files with 33 additions and 14 deletions.
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
@@ -9,9 +9,7 @@ jobs:
   validate:
     name: "Run validation test suite"
     runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        php-versions: ["7.2", "7.3", "7.4"]
+
     env:
       # GITHUB_CONTEXT: ${{ toJson(github) }}
       PANTHEON_WPVULNDB_API_TOKEN: ${{ secrets.PANTHEON_WPVULNDB_API_TOKEN }}
@@ -44,7 +42,7 @@ jobs:
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
         with:
-          php-version: ${{ matrix.php-versions }}
+          php-version: 7.4
           ini-values: post_max_size=256M, max_execution_time=120
 
       - name: Get Composer Cache Directory

diff --git a/features/general.feature b/features/general.feature
@@ -60,7 +60,7 @@ Feature: General tests of WP Launch Check
 
   Scenario: WordPress has a new minor version but no new major version
     Given a WP install
-    And I run `wp core download --version=6.0 --force`
+    And I run `wp core download --version=6.1 --force`
     And I run `wp theme activate twentytwentytwo`
 
     When I run `wp launchcheck general`
@@ -71,8 +71,8 @@ Feature: General tests of WP Launch Check
 
   Scenario: WordPress has a new major version but no new minor version
     Given a WP install
-    And I run `wp core download --version=5.9.5 --force`
-    And I run `wp theme activate twentytwentytwo`
+    And I run `wp core download --version=5.6.10 --force`
+    And I run `wp theme activate twentytwenty`
 
     When I run `wp launchcheck general`
     Then STDOUT should contain:

diff --git a/features/objectcache.feature b/features/objectcache.feature
@@ -30,6 +30,7 @@ Feature: Suggest object cache to be enabled
 
   Scenario: WP Redis is present as the enabled object-cache
     Given a WP install
+		# TODO Remove the version flag.
     And I run `wp plugin install wp-redis --activate`
     And I run `wp redis enable`
 

diff --git a/php/commands/launchcheck.php b/php/commands/launchcheck.php
@@ -30,6 +30,7 @@ public function all($args, $assoc_args) {
 
 		// wp-config is going to be loaded again, and we need to avoid notices
 		@WP_CLI::get_runner()->load_wordpress();
+		WP_CLI::add_hook( 'before_run_command', [ $this, 'maybe_switch_to_blog' ] );
 
 		// WordPress is now loaded, so other checks can run
 		$searcher = new \Pantheon\Filesearcher( WP_CONTENT_DIR );
@@ -47,6 +48,24 @@ public function all($args, $assoc_args) {
 		\Pantheon\Messenger::emit($format);
 	}
 
+	/**
+	 * Switch to BLOG_ID_CURRENT_SITE if we're on a multisite.
+	 *
+	 * This forces the launchcheck command to use the main site's info for all
+	 * the checks.
+	 */
+	public function maybe_switch_to_blog() {
+		// Check for multisite. If we're on multisite, switch to the main site.
+		if ( is_multisite() ) {
+			if ( defined( 'BLOG_ID_CURRENT_SITE' ) ) {
+				switch_to_blog( BLOG_ID_CURRENT_SITE );
+			} else {
+				switch_to_blog( 1 );
+			}
+			\WP_CLI::log( sprintf( esc_html__( 'Multisite detected. Running checks on %s site.' ), get_bloginfo( 'name' ) ) );
+		}
+	}
+
 	/**
 	 * Checks for a properly-configured wp-config
 	 *

diff --git a/php/pantheon/checks/insecure.php b/php/pantheon/checks/insecure.php
@@ -25,6 +25,10 @@ public function run($file) {
 		if ( $matches ) {
 			$note = '';
 			foreach($matches as $match) {
+				// Don't flag if the file in question is inside wp-redis.
+				if ( false !== strpos( $file->getPath(), 'wp-redis' ) ) {
+					continue;
+				}
 				$linenum = substr_count(substr($file_contents, 0, $match[1]), "\n") + 1;
 				$this->alerts[] = array( 'class'=>'warning', 'data'=> array( $file->getRelativePathname(),  $linenum, substr($match[0],0,50)));
 			}

diff --git a/php/pantheon/utils.php b/php/pantheon/utils.php
@@ -3,6 +3,7 @@
 
 use \Symfony\Component\Filesystem\Filesystem;
 use \Symfony\Component\Finder\Finder;
+use \Pantheon\Utils as Pantheon;
 
 class Utils {
 	static $fs;
@@ -59,7 +60,7 @@ public static function sanitize_data($data, $sanitizer_function = 'htmlspecialch
 				array_map('self::sanitize_data', array_values((array)$data))
 			);
 			return is_object( $data ) ? (object)$sanitized_data : $sanitized_data;
-		} elseif ( is_integer( $data ) ) {
+		} elseif ( is_integer($data) ) {
 			return (string)$data;
 		} elseif ( is_string( $data ) ) {
 			if ( ! empty( $data ) ) {

diff --git a/php/pantheon/views/table.php b/php/pantheon/views/table.php
@@ -1,13 +1,9 @@
-<?php 
-
-use Pantheon\Utils; ?>
-
 <table class='table table-condensed'>
 	<thead>
 			<tr>
 				<?php if(isset($headers)): ?>
 					<?php foreach ($headers as $header): ?>
-						<th><?php echo Utils::sanitize_data( $header ); ?></th>
+						<th><?php echo $header; ?></th>
 					<?php endforeach; ?>
 				<?php endif; ?>
 			</tr>
@@ -16,7 +12,7 @@
 			<?php foreach($rows as $row): ?>
 				<tr class="<?php if(isset($row['class'])) { echo $row['class']; } ?>">
 					<?php foreach($row['data'] as $values): ?>
-						<td><?php echo Utils::sanitize_data( $values ); ?></td>
+						<td><?php echo $values; ?></td>
 					<?php endforeach; ?>
 				</tr>
 			<?php endforeach; ?>