Changeset 3536402

Timestamp:

05/18/2026 11:39:43 PM (9 days ago)

Author:

room34

Message:

Version 1.1.0

Location:

pending-status

Files:

• tags/1.1.0 (added)
• tags/1.1.0/assets (added)
• tags/1.1.0/assets/admin-style.css (added)
• tags/1.1.0/assets/room34-logo-on-white.svg (added)
• tags/1.1.0/class-pending-status.php (added)
• tags/1.1.0/functions.php (added)
• tags/1.1.0/i18n (added)
• tags/1.1.0/i18n/languages (added)
• tags/1.1.0/i18n/languages/pending-status.pot (added)
• tags/1.1.0/pending-status.php (added)
• tags/1.1.0/readme.txt (added)
• tags/1.1.0/templates (added)
• tags/1.1.0/templates/admin (added)
• tags/1.1.0/templates/admin/r34ps-admin.php (added)
• trunk/class-pending-status.php (modified) (4 diffs)
• trunk/functions.php (modified) (4 diffs)
• trunk/pending-status.php (modified) (3 diffs)
• trunk/readme.txt (modified) (2 diffs)
• trunk/templates/admin/r34ps-admin.php (modified) (6 diffs)

pending-status/trunk/class-pending-status.php

@@ -1 +1 @@
 <?php
+
+// phpcs:disable WordPress.WP.I18n.MissingTranslatorsComment
 
 // Don't load directly
@@ -54 +56 @@
     public function admin_page_callback() {
         // Update settings
-        if (isset($_POST['r34ps-nonce']) && wp_verify_nonce($_POST['r34ps-nonce'], 'r34ps-admin')) {
+        if (isset($_POST['r34ps-nonce']) && wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['r34ps-nonce'])), 'r34ps-admin')) {
             
             if (!empty($_POST['r34ps_notification_recipients'])) {
+                // phpcs:disable WordPress.Security.ValidatedSanitizedInput.MissingUnslash
+                // phpcs:disable WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
                 update_option('r34ps_notification_recipients', filter_var_array($_POST['r34ps_notification_recipients'], FILTER_SANITIZE_EMAIL));
+                // phpcs:enable WordPress.Security.ValidatedSanitizedInput.MissingUnslash
+                // phpcs:enable WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
             }
             else {
@@ -78 +84 @@
 
             // Display admin notice
-            echo '<div class="notice notice-success"><p>' . __('Settings updated.', 'pending-status') . '</p></div>';
+            echo '<div class="notice notice-success"><p>' . esc_html__('Settings updated.', 'pending-status') . '</p></div>';
         }
         
@@ -96 +102 @@
     
     public function email_default_strings() {
-        $this->default_subject = sprintf(__('A new post is pending review on %1$s', 'pending-review'), get_bloginfo('name'));
+        $this->default_subject = sprintf(__('A new post is pending review on %1$s', 'pending-status'), get_bloginfo('name'));
         $this->default_message = __('A post on your website has been set to "pending review." You can review the post at the link below.', 'pending-status');
     }

pending-status/trunk/functions.php

@@ -1 +1 @@
 <?php
+
+// phpcs:disable WordPress.WP.I18n.MissingTranslatorsComment
 
 // Don't load directly
@@ -13 +15 @@
     $r34ps_status = array();
     foreach ((array)$post_types as $post_type) {
-        $sql =  'SELECT COUNT(`ID`) as count FROM `' . $wpdb->posts . '` ' .
-                'WHERE `post_type` = "' . esc_sql($post_type->name) . '" ' .
-                'AND `post_status` = "pending"';
-        $r34ps_results = $wpdb->get_results($sql);
-        $count = intval($r34ps_results[0]->count);
+        $pending_posts = get_posts(array(
+            'fields' => 'ids',
+            'post_status' => 'pending',
+            'post_type' => $post_type->name,
+            'posts_per_page' => -1,
+        ));
+        $count = count($pending_posts);
         if ($count > 0) {
             $r34ps_status[] = array(
@@ -28 +32 @@
     }
     if (!empty($r34ps_status)) {
-        echo '<p>' . __('You have one or more posts pending review.', 'pending-status') . '</p><table class="r34ps-table"><tbody>';
+        echo '<p>' . esc_html__('You have one or more posts pending review.', 'pending-status') . '</p><table class="r34ps-table"><tbody>';
         foreach ((array)$r34ps_status as $item) {
             echo '<tr><td><strong>' . wp_kses_post($item['label']) . ':&nbsp;&nbsp;</strong></td><td>' . intval($item['count']);
@@ -39 +43 @@
     }
     else {
-        echo '<p>' . __('You currently have no posts pending review.', 'pending-status') . '</p>';
+        echo '<p>' . esc_html__('You currently have no posts pending review.', 'pending-status') . '</p>';
     }
     ?>

pending-status/trunk/pending-status.php

@@ -4 +4 @@
 Plugin URI: https://room34.com
 Description: Get notified when your site has posts pending review.
-Version: 1.0.4
+Version: 1.1.0
 Author: Room 34 Creative Services, LLC
 Author URI: http://room34.com
@@ -27 +27 @@
     Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 */
+
+// phpcs:disable WordPress.WP.I18n.MissingTranslatorsComment
 
 
@@ -71 +73 @@
     $notices = get_option('r34ps_deferred_admin_notices', array());
     $notices[] = array(
-        'content' => '<p>' . sprintf(__('Thank you for installing %1$sPending Status%2$s. If you would like to set up email notifications for pending posts, please visit the %3$sSettings%4$s page.'), '<strong>', '</strong>', '<a href="' . admin_url('options-general.php?page=pending-status') . '"><strong>', '</strong></a>') . '</p>',
+        'content' => '<p>' . sprintf(__('Thank you for installing %1$sPending Status%2$s. If you would like to set up email notifications for pending posts, please visit the %3$sSettings%4$s page.', 'pending-status'), '<strong>', '</strong>', '<a href="' . admin_url('options-general.php?page=pending-status') . '"><strong>', '</strong></a>') . '</p>',
         'status' => 'info'
     );

pending-status/trunk/readme.txt

@@ -5 +5 @@
 Requires at least: 4.9
 Requires PHP: 7.0.0
-Tested up to: 6.8
-Stable tag: 1.0.4
+Tested up to: 7.0
+Stable tag: 1.1.0
 License: GPLv2
 
@@ -37 +37 @@
 == Changelog ==
 
+= 1.1.0 - 2026.05.18 =
+
+* Refactored `r34ps_dashboard_widget()` function to use `get_posts()` instead of direct SQL query.
+* Additional code refactoring to pass [Plugin Check](https://wordpress.org/plugins/plugin-check/) tests.
+* Bumped "tested up to" to 7.0.
+
 = 1.0.4 - 2025.04.24 =
 

pending-status/trunk/templates/admin/r34ps-admin.php

@@ -1 +1 @@
 <?php
+// phpcs:disable WordPress.WP.I18n.MissingTranslatorsComment
+
 // Don't load directly
 if (!defined('ABSPATH')) { exit; }
@@ -8 +10 @@
 
 <div class="wrap r34ps">
-    <h2><?php echo get_admin_page_title(); ?></h2>
+    <h2><?php echo wp_kses_post(get_admin_page_title()); ?></h2>
 
     <div class="metabox-holder columns-2">
@@ -23 +25 @@
                     ?>
                     
-                    <h3><?php _e('Email Notification Recipients', 'pending-status'); ?></h3>
+                    <h3><?php esc_html_e('Email Notification Recipients', 'pending-status'); ?></h3>
 
-                    <p><?php _e('Check the box next to the name of each administrator/editor you would like to receive an email notification when a post has been set to "pending review." Note: Your site must be properly configured to send emails.', 'pending-status'); ?></p>
+                    <p><?php esc_html_e('Check the box next to the name of each administrator/editor you would like to receive an email notification when a post has been set to "pending review." Note: Your site must be properly configured to send emails.', 'pending-status'); ?></p>
 
                     <table class="form-table"><tbody>
                         <tr class="r34ps-table-header-row">
                             <th style="width: 10%;"></th>
-                            <th style="width: 30%;"><?php _e('Name', 'pending-status'); ?></th>
-                            <th style="width: 30%;"><?php _e('Email', 'pending-status'); ?></th>
-                            <th style="width: 30%;"><?php _e('Role', 'pending-status'); ?></th>
+                            <th style="width: 30%;"><?php esc_html_e('Name', 'pending-status'); ?></th>
+                            <th style="width: 30%;"><?php esc_html_e('Email', 'pending-status'); ?></th>
+                            <th style="width: 30%;"><?php esc_html_e('Role', 'pending-status'); ?></th>
                         </tr>
                         <?php
+                        // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound
                         foreach ((array)$admins_and_editors as $user) {
                             ?>
@@ -48 +51 @@
                     </tbody></table>
                     
-                    <h3><?php _e('Email Notification Message', 'pending-status'); ?></h3>
+                    <h3><?php esc_html_e('Email Notification Message', 'pending-status'); ?></h3>
                     
-                    <p><?php _e('Customize the message administrators and editors will receive. The URL to review the post will automatically be added to the end of the message.', 'pending-status'); ?></p>
+                    <p><?php esc_html_e('Customize the message administrators and editors will receive. The URL to review the post will automatically be added to the end of the message.', 'pending-status'); ?></p>
                     
                     <table class="form-table"><tbody>
                         <tr>
-                            <td><strong><?php _e('Subject:', 'pending-status'); ?></strong></td>
+                            <td><strong><?php esc_html_e('Subject:', 'pending-status'); ?></strong></td>
                             <td><input type="text" style="width: 100%;" name="r34ps_notification_subject" value="<?php echo esc_attr($r34ps_notification_subject); ?>" /></td>
                         </tr>
                         <tr>
-                            <td><strong><?php _e('Message:', 'pending-status'); ?></strong></td>
+                            <td><strong><?php esc_html_e('Message:', 'pending-status'); ?></strong></td>
                             <td><textarea name="r34ps_notification_message" style="width: 100%;"><?php echo esc_textarea(html_entity_decode($r34ps_notification_message)); ?></textarea></td>
                         </tr>
@@ -79 +82 @@
             <div class="postbox">
 
-                <h3 class="hndle"><span><?php _e('Pending Status Support', 'pending-status'); ?></span></h3>
+                <h3 class="hndle"><span><?php esc_html_e('Pending Status Support', 'pending-status'); ?></span></h3>
         
                 <div class="inside">
     
-                    <p><?php echo sprintf(__('For support with the %1$s plugin, please use the %2$sWordPress Support Forums%3$s or email %4$s.', 'pending-status'), '<strong>Pending Status</strong>', '<a href="https://wordpress.org/support/plugin/pending-status" target="_blank">', '</a>', '<a href="mailto:support@room34.com">support@room34.com</a>'); ?></p>
+                    <p><?php echo sprintf(esc_html__('For support with the %1$s plugin, please use the %2$sWordPress Support Forums%3$s or email %4$s.', 'pending-status'), '<strong>Pending Status</strong>', '<a href="https://wordpress.org/support/plugin/pending-status" target="_blank">', '</a>', '<a href="mailto:support@room34.com">support@room34.com</a>'); ?></p>
         
                 </div>
@@ -95 +98 @@
                 <div class="inside">
     
-                    <a href="https://room34.com/about/payments/?type=WordPress+Plugin&plugin=Pending+Status&amt=9" target="_blank"><img src="<?php echo dirname(dirname(plugin_dir_url(__FILE__))); ?>/assets/room34-logo-on-white.svg" alt="Room 34 Creative Services" style="display: block; height: auto; margin: 0 auto 0.5em auto; width: 200px;" /></a> 
+                    <a href="https://room34.com/about/payments/?type=WordPress+Plugin&plugin=Pending+Status&amt=9" target="_blank"><img src="<?php echo esc_url(dirname(dirname(plugin_dir_url(__FILE__)))); ?>/assets/room34-logo-on-white.svg" alt="Room 34 Creative Services" style="display: block; height: auto; margin: 0 auto 0.5em auto; width: 200px;" /></a> 
         
-                    <p><?php _e('This plugin is free to use. However, if you find it to be of value, we welcome your donation (suggested amount: USD $9), to help fund future development.', 'pending-status'); ?></p>
+                    <p><?php esc_html_e('This plugin is free to use. However, if you find it to be of value, we welcome your donation (suggested amount: USD $9), to help fund future development.', 'pending-status'); ?></p>
 
-                    <p><a href="https://room34.com/about/payments/?type=WordPress+Plugin&plugin=Pending+Status&amt=9" target="_blank" class="button"><?php _e('Make a Donation', 'pending-status'); ?></a></p>
+                    <p><a href="https://room34.com/about/payments/?type=WordPress+Plugin&plugin=Pending+Status&amt=9" target="_blank" class="button"><?php esc_html_e('Make a Donation', 'pending-status'); ?></a></p>
                     
                 </div>