Merge pull request #433 from WordPress-Coding-Standards/develop

0.7.0
WordPress · Aug 30, 2015 · fb37d21 · fb37d21
2 parents 2e27757 + 9455597
commit fb37d21
Show file tree

Hide file tree

Showing 17 changed files with 464 additions and 319 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -11,6 +11,29 @@ This projects adheres to [Semantic Versioning](http://semver.org/) and [Keep a C
 `get_category_by_slug()`, `get_cat_ID()`, `count_user_posts()`, and `wp_old_slug_redirect()` 
 to the list of restricted functions in the `WordPress.VIP.RestrictedFunctions` sniff.
 
+## [0.7.0] - 2015-08-30
+
+### Added
+- Automatic error fixing to the `WordPress.Arrays.ArrayKeySpacingRestrictions` sniff.
+- Functions and closures to the control structures checked by the `WordPress.WhiteSpace.ControlStructureSpacing`
+sniff.
+- Sniffing and fixing for extra spacing in the `WordPress.WhiteSpace.ControlStructureSpacing`
+sniff. (Previously it only checked for insufficient spacing.)
+- `.twig` files to the default ignored files.
+- `esc_url_raw()` and `hash_equals()` to the list of sanitizing functions.
+- `intval()` and `boolval()` to list of unslashing functions.
+- `do_shortcode()` to the list of auto-escaped functions.
+
+### Removed
+- `WordPress.Functions.FunctionDeclarationArgumentSpacing` in favor of the upstream
+sniff `Squiz.Functions.FunctionDeclarationArgumentSpacing`.
+
+### Fixed
+- Reference to incorrect issue in the inline docs of the `WordPress.VIP.SessionVariableUsage`
+sniff.
+- `WordPress.XSS.EscapeOutput` sniff incorrectly handling ternary conditions in
+`echo` statements without parentheses in some cases.
+
 ## [0.6.0] - 2015-06-30
 
 ### Added

diff --git a/WordPress-Core/ruleset.xml b/WordPress-Core/ruleset.xml
@@ -72,13 +72,20 @@
 		<severity>0</severity>
 	</rule>
 
+	<rule ref="Squiz.Functions.FunctionDeclarationArgumentSpacing">
+		<properties>
+			<property name="equalsSpacing" value="1" />
+			<property name="requiredSpacesAfterOpen" value="1" />
+			<property name="requiredSpacesBeforeClose" value="1" />
+		</properties>
+	</rule>
+
 	<rule ref="WordPress.Arrays.ArrayDeclaration">
 		<exclude name="WordPress.Arrays.ArrayDeclaration.SingleLineNotAllowed" />
 	</rule>
 	<rule ref="WordPress.Arrays.ArrayKeySpacingRestrictions"/>
 	<rule ref="WordPress.Classes.ValidClassName"/>
 	<rule ref="WordPress.Files.FileName"/>
-	<rule ref="WordPress.Functions.FunctionDeclarationArgumentSpacing"/>
 	<rule ref="WordPress.NamingConventions.ValidFunctionName"/>
 	<rule ref="WordPress.WhiteSpace.ControlStructureSpacing"/>
 	<rule ref="WordPress.WhiteSpace.OperatorSpacing"/>

diff --git a/WordPress/Sniff.php b/WordPress/Sniff.php
@@ -117,6 +117,7 @@ abstract class WordPress_Sniff implements PHP_CodeSniffer_Sniff {
 		'comments_rss_link' => true,
 		'delete_get_calendar_cache' => true,
 		'disabled' => true,
+		'do_shortcode' => true,
 		'do_shortcode_tag' => true,
 		'edit_bookmark_link' => true,
 		'edit_comment_link' => true,
@@ -236,8 +237,10 @@ abstract class WordPress_Sniff implements PHP_CodeSniffer_Sniff {
 	 */
 	public static $sanitizingFunctions = array(
 		'absint' => true,
+		'esc_url_raw' => true,
 		'filter_input' => true,
 		'filter_var' => true,
+		'hash_equals' => true,
 		'in_array' => true,
 		'intval' => true,
 		'is_array' => true,
@@ -280,6 +283,8 @@ abstract class WordPress_Sniff implements PHP_CodeSniffer_Sniff {
 	 */
 	public static $unslashingSanitizingFunctions = array(
 		'absint' => true,
+		'boolval' => true,
+		'intval' => true,
 		'is_array' => true,
 		'sanitize_key' => true,
 	);
@@ -1036,6 +1041,40 @@ protected function is_comparison( $stackPtr ) {
 
 		return false;
 	}
+
+	/**
+	 * Check what type of 'use' statement a token is part of.
+	 *
+	 * The T_USE token has multiple different uses:
+	 *
+	 * 1. In a closure: function () use ( $var ) {}
+	 * 2. In a class, to import a trait: use Trait_Name
+	 * 3. In a namespace, to import a class: use Some\Class;
+	 *
+	 * This function will check the token and return 'closure', 'trait', or 'class',
+	 * based on which of these uses the use is being used for.
+	 *
+	 * @param int $stackPtr The position of the token to check.
+	 *
+	 * @return string The type of use.
+	 */
+	protected function get_use_type( $stackPtr ) {
+
+		// USE keywords inside closures.
+		$next = $this->phpcsFile->findNext( T_WHITESPACE, $stackPtr + 1, null, true );
+
+		if ( T_OPEN_PARENTHESIS === $this->tokens[ $next ]['code'] ) {
+			return 'closure';
+		}
+
+		// USE keywords for traits.
+		if ( $this->phpcsFile->hasCondition( $stackPtr, array( T_CLASS, T_TRAIT ) ) ) {
+			return 'trait';
+		}
+
+		// USE keywords for classes to import to a namespace.
+		return 'class';
+	}
 }
 
 // EOF
diff --git a/WordPress/Sniffs/Arrays/ArrayKeySpacingRestrictionsSniff.php b/WordPress/Sniffs/Arrays/ArrayKeySpacingRestrictionsSniff.php
@@ -55,11 +55,27 @@ public function process( PHP_CodeSniffer_File $phpcsFile, $stackPtr )
 		// It should have spaces only if it only has strings or numbers as the key
 		if ( $need_spaces && ! ( $spaced1 && $spaced2 ) ) {
 			$error = 'Array keys must be surrounded by spaces unless they contain a string or an integer.';
-        	$phpcsFile->addError( $error, $stackPtr, 'NoSpacesAroundArrayKeys' );
+			$fix = $phpcsFile->addFixableError( $error, $stackPtr, 'NoSpacesAroundArrayKeys' );
+			if ( $fix ) {
+				if ( ! $spaced1 ) {
+					$phpcsFile->fixer->addContentBefore( $stackPtr + 1, ' ' );
+				}
+				if ( ! $spaced2 ) {
+					$phpcsFile->fixer->addContentBefore( $token['bracket_closer'], ' ' );
+				}
+			}
 		}
 		elseif( ! $need_spaces && ( $spaced1 || $spaced2 ) ) {
 			$error = 'Array keys must NOT be surrounded by spaces if they only contain a string or an integer.';
-        	$phpcsFile->addError( $error, $stackPtr, 'SpacesAroundArrayKeys' );
+			$fix = $phpcsFile->addFixableError( $error, $stackPtr, 'SpacesAroundArrayKeys' );
+			if ( $fix ) {
+				if ( $spaced1 ) {
+					$phpcsFile->fixer->replaceToken( $stackPtr + 1, '' );
+				}
+				if ( $spaced2 ) {
+					$phpcsFile->fixer->replaceToken( $token['bracket_closer'] - 1, '' );
+				}
+			}
 		}
 
 	}//end process()

diff --git a/WordPress/Sniffs/Functions/FunctionDeclarationArgumentSpacingSniff.php b/WordPress/Sniffs/Functions/FunctionDeclarationArgumentSpacingSniff.php
diff --git a/WordPress/Sniffs/VIP/SessionVariableUsageSniff.php b/WordPress/Sniffs/VIP/SessionVariableUsageSniff.php
@@ -2,12 +2,13 @@
 /**
  * WordPress_Sniffs_VIP_SessionVariableUsageSniff
  *
- * Discourages the use of the session variable
+ * Discourages the use of the session variable.
+ * Creating a session writes a file to the server and is unreliable in a multi-server environment.
  *
  * @category PHP
  * @package  PHP_CodeSniffer
  * @author   Shady Sharaf <[email protected]>
- * @link     https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/issues/69
+ * @link     https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/issues/75
  */
 class WordPress_Sniffs_VIP_SessionVariableUsageSniff extends Generic_Sniffs_PHP_ForbiddenFunctionsSniff
 {