Changeset 3479064

Timestamp:

03/10/2026 12:40:07 PM (3 weeks ago)

Author:

Marc4

Message:

v1.2.5

Location:

toys-for-playground

Files:

• tags/1.2.2 (deleted)
• tags/1.2.5 (added)
• tags/1.2.5/cloner.php (added)
• tags/1.2.5/generator.php (added)
• tags/1.2.5/plugin-explorer.js (added)
• tags/1.2.5/readme.txt (added)
• tags/1.2.5/sharer.php (added)
• tags/1.2.5/theme-explorer.js (added)
• tags/1.2.5/toys-for-playground.php (added)
• tags/1.2.5/uninstall.php (added)
• trunk/cloner.php (modified) (3 diffs)
• trunk/generator.php (modified) (1 diff)
• trunk/readme.txt (modified) (2 diffs)
• trunk/toys-for-playground.php (modified) (4 diffs)

toys-for-playground/trunk/cloner.php

@@ -1 @@
-<div class='wrap'>
-    <h1><?php esc_html_e('Cloner', 'toys-for-playground'); ?></h1>
 <?php
+// Retrieve all plugins and themes, both active and inactive.
+function toys_for_playground_get_all_plugins() {
+    $main_plugin_basename = defined( 'TOYSPG_MAIN_PLUGIN_BASENAME' ) ? TOYSPG_MAIN_PLUGIN_BASENAME : plugin_basename( __FILE__ );
+    $all_plugins          = get_plugins();
+    $active_plugins       = get_option( 'active_plugins', [] );
+    $plugins_data         = [ 'active' => [], 'inactive' => [] ];
 
-    // Retrieve all plugins and themes, both active and inactive.
-    function toys_for_playground_get_all_plugins() {
-        $main_plugin_basename = defined('TOYSPG_MAIN_PLUGIN_BASENAME') ? TOYSPG_MAIN_PLUGIN_BASENAME : plugin_basename(__FILE__);
-        $all_plugins = get_plugins();
-        $active_plugins = get_option('active_plugins', []);
-        $plugins_data = ['active' => [], 'inactive' => []];
-
-        $plugin_basename = plugin_basename(__FILE__);
-
-        foreach($all_plugins as $plugin_path => $plugin) {
-            // Exclude the own plugin
-            if ($plugin_path !== $main_plugin_basename) {
-                $slug = explode('/', $plugin_path)[0];
-                $plugin['slug'] = sanitize_key($slug);
-                if (in_array($plugin_path, $active_plugins)) {
-                    $plugins_data['active'][] = $plugin;
-                } else {
-                    $plugins_data['inactive'][] = $plugin;
-                }
+    foreach ( $all_plugins as $plugin_path => $plugin ) {
+        // Exclude the own plugin.
+        if ( $plugin_path !== $main_plugin_basename ) {
+            $slug           = explode( '/', $plugin_path )[0];
+            $plugin['slug'] = sanitize_key( $slug );
+            if ( in_array( $plugin_path, $active_plugins ) ) {
+                $plugins_data['active'][] = $plugin;
+            } else {
+                $plugins_data['inactive'][] = $plugin;
             }
         }
-
-        return $plugins_data;
     }
 
-    function toys_for_playground_get_all_themes() {
-        $all_themes = wp_get_themes();
-        $active_theme = wp_get_theme();
-        $themes_data = ['active' => [], 'inactive' => []];
+    return $plugins_data;
+}
 
-        foreach($all_themes as $theme) {
-            $theme_data = [
-                'name' => sanitize_text_field($theme->get('Name')),
-                'slug' => sanitize_key(strtolower($theme->get('TextDomain'))),
-            ];
+function toys_for_playground_get_all_themes() {
+    $all_themes   = wp_get_themes();
+    $active_theme = wp_get_theme();
+    $themes_data  = [ 'active' => [], 'inactive' => [] ];
 
-            if($active_theme->get('Name') === $theme->get('Name')) {
-                $themes_data['active'][] = $theme_data;
-            } else {
-                $themes_data['inactive'][] = $theme_data;
-            }
+    foreach ( $all_themes as $theme ) {
+        $theme_data = [
+            'name' => sanitize_text_field( $theme->get( 'Name' ) ),
+            'slug' => sanitize_key( strtolower( $theme->get( 'TextDomain' ) ) ),
+        ];
+
+        if ( $active_theme->get( 'Name' ) === $theme->get( 'Name' ) ) {
+            $themes_data['active'][] = $theme_data;
+        } else {
+            $themes_data['inactive'][] = $theme_data;
         }
-
-        return $themes_data;
     }
 
-    // Render the plugin configuration page.
+    return $themes_data;
+}
 
-    function toys_for_playground_render_cloner_page() {
-        $plugins = toys_for_playground_get_all_plugins('toys-for-playground/toys-for-playground.php');
-        $themes = toys_for_playground_get_all_themes();
+// Render the plugin configuration page.
+function toys_for_playground_render_cloner_page() {
+    $plugins = toys_for_playground_get_all_plugins();
+    $themes  = toys_for_playground_get_all_themes();
 
-        // Define WordPress and PHP versions.
-        $wp_versions = ['6.3', '6.4', '6.5', '6.6', '6.7', '6.8', '6.9', 'nightly', 'latest', 'beta'];
-        $php_versions = ['7.4', '8.0', '8.1', '8.2', '8.3', '8.4', '8.5'];
+    // Define WordPress and PHP versions.
+    $wp_versions  = [ '6.3', '6.4', '6.5', '6.6', '6.7', '6.8', '6.9', 'nightly', 'latest', 'beta' ];
+    $php_versions = [ '7.4', '8.0', '8.1', '8.2', '8.3', '8.4', '8.5' ];
 
-        ob_start(); ?>
+    ob_start(); ?>
+
+    <div class="wrap">
+        <h1><?php esc_html_e( 'Cloner', 'toys-for-playground' ); ?></h1>
 
         <div class="notice notice-warning">
-            <p><?php esc_html_e('Alert: Uncheck non-repository plugins or themes (e.g. premium or custom) for Playground to load correctly. The API can only load content from the repository.', 'toys-for-playground'); ?></p>
+            <p><?php esc_html_e( 'Alert: Uncheck non-repository plugins or themes (e.g. premium or custom) for Playground to load correctly. The API can only load content from the repository.', 'toys-for-playground' ); ?></p>
         </div>
 
         <form method="post" action="">
-        <?php wp_nonce_field("toys_for_playground_action", "toys_for_playground_nonce"); ?>
-            <h2><?php esc_html_e('Active Plugins', 'toys-for-playground'); ?></h2>
-            <p><?php esc_html_e('Active plugins are checked by default.', 'toys-for-playground'); ?></p>
+            <?php wp_nonce_field( 'toys_for_playground_action', 'toys_for_playground_nonce' ); ?>
 
-            <?php foreach($plugins['active'] as $plugin): ?>
-                <label><input type="checkbox" name="plugins[]" value="<?php echo esc_attr($plugin['slug']) ?>" checked /> <?php echo esc_html($plugin['Name']) ?></label><br/>
+            <h2><?php esc_html_e( 'Active Plugins', 'toys-for-playground' ); ?></h2>
+            <p><?php esc_html_e( 'Active plugins are checked by default.', 'toys-for-playground' ); ?></p>
+
+            <?php foreach ( $plugins['active'] as $plugin ) : ?>
+                <label><input type="checkbox" name="plugins[]" value="<?php echo esc_attr( $plugin['slug'] ); ?>" checked /> <?php echo esc_html( $plugin['Name'] ); ?></label><br/>
             <?php endforeach; ?>
 
-            <h2><?php esc_html_e('Inactive Plugins', 'toys-for-playground'); ?></h2>
-            <p><?php esc_html_e('Inactive plugins are unchecked by default.', 'toys-for-playground'); ?></p>
+            <h2><?php esc_html_e( 'Inactive Plugins', 'toys-for-playground' ); ?></h2>
+            <p><?php esc_html_e( 'Inactive plugins are unchecked by default.', 'toys-for-playground' ); ?></p>
 
-            <?php foreach($plugins['inactive'] as $plugin): ?>
-                <label><input type="checkbox" name="plugins[]" value="<?php echo esc_attr($plugin['slug']) ?>" /> <?php echo esc_html($plugin['Name']) ?></label><br/>
+            <?php foreach ( $plugins['inactive'] as $plugin ) : ?>
+                <label><input type="checkbox" name="plugins[]" value="<?php echo esc_attr( $plugin['slug'] ); ?>" /> <?php echo esc_html( $plugin['Name'] ); ?></label><br/>
             <?php endforeach; ?>
 
-            <h2><?php esc_html_e('Active Theme', 'toys-for-playground'); ?></h2>
-            <p><?php esc_html_e('Active theme are checked by default. Only one theme can be uploaded per Playground API request.', 'toys-for-playground'); ?></p>
+            <h2><?php esc_html_e( 'Active Theme', 'toys-for-playground' ); ?></h2>
+            <p><?php esc_html_e( 'Active theme are checked by default. Only one theme can be uploaded per Playground API request.', 'toys-for-playground' ); ?></p>
 
-            <?php foreach($themes['active'] as $theme): ?>
-                <label><input type="checkbox" name="themes[]" value="<?php echo esc_attr($theme['slug']) ?>" checked /> <?php echo esc_html($theme['name']) ?></label><br/>
+            <?php foreach ( $themes['active'] as $theme ) : ?>
+                <label><input type="checkbox" name="themes[]" value="<?php echo esc_attr( $theme['slug'] ); ?>" checked /> <?php echo esc_html( $theme['name'] ); ?></label><br/>
             <?php endforeach; ?>
 
-            <h2><?php esc_html_e('Inactive Themes', 'toys-for-playground'); ?></h2>
-            <p><?php esc_html_e('Inactive themes are unchecked by default. Only one theme can be uploaded per Playground API request.', 'toys-for-playground'); ?></p>
+            <h2><?php esc_html_e( 'Inactive Themes', 'toys-for-playground' ); ?></h2>
+            <p><?php esc_html_e( 'Inactive themes are unchecked by default. Only one theme can be uploaded per Playground API request.', 'toys-for-playground' ); ?></p>
 
-            <?php foreach($themes['inactive'] as $theme): ?>
-                <label><input type="checkbox" name="themes[]" value="<?php echo esc_attr($theme['slug']) ?>" /> <?php echo esc_html($theme['name']) ?></label><br/>
+            <?php foreach ( $themes['inactive'] as $theme ) : ?>
+                <label><input type="checkbox" name="themes[]" value="<?php echo esc_attr( $theme['slug'] ); ?>" /> <?php echo esc_html( $theme['name'] ); ?></label><br/>
             <?php endforeach; ?>
 
-            <h2><?php esc_html_e('WordPress Version', 'toys-for-playground'); ?></h2>
-            <p><?php esc_html_e('Select the WordPress version for your generated Playground.', 'toys-for-playground'); ?></p>
+            <h2><?php esc_html_e( 'WordPress Version', 'toys-for-playground' ); ?></h2>
+            <p><?php esc_html_e( 'Select the WordPress version for your generated Playground.', 'toys-for-playground' ); ?></p>
 
             <select name="wp_version">
-                <option value=""><?php esc_html_e('WP Version', 'toys-for-playground'); ?></option>
-                <?php foreach($wp_versions as $version): ?>
-                    <option value="<?php echo esc_attr($version) ?>"><?php echo esc_html($version) ?></option>
+                <option value=""><?php esc_html_e( 'WP Version', 'toys-for-playground' ); ?></option>
+                <?php foreach ( $wp_versions as $version ) : ?>
+                    <option value="<?php echo esc_attr( $version ); ?>"><?php echo esc_html( $version ); ?></option>
                 <?php endforeach; ?>
             </select>
 
-            <h2><?php esc_html_e('PHP Version', 'toys-for-playground'); ?></h2>
-            <p><?php esc_html_e('Select the PHP version for your generated Playground.', 'toys-for-playground'); ?></p>
+            <h2><?php esc_html_e( 'PHP Version', 'toys-for-playground' ); ?></h2>
+            <p><?php esc_html_e( 'Select the PHP version for your generated Playground.', 'toys-for-playground' ); ?></p>
 
             <select name="php_version">
-                <option value=""><?php esc_html_e('PHP Version', 'toys-for-playground'); ?></option>
-                <?php foreach($php_versions as $version): ?>
-                    <option value="<?php echo esc_attr($version) ?>"><?php echo esc_html($version) ?></option>
+                <option value=""><?php esc_html_e( 'PHP Version', 'toys-for-playground' ); ?></option>
+                <?php foreach ( $php_versions as $version ) : ?>
+                    <option value="<?php echo esc_attr( $version ); ?>"><?php echo esc_html( $version ); ?></option>
                 <?php endforeach; ?>
             </select>
 
-            <h2><?php esc_html_e('Storage', 'toys-for-playground'); ?></h2>
-            <p><?php esc_html_e('Select the storage type for your generated Playground.', 'toys-for-playground'); ?></p>
+            <h2><?php esc_html_e( 'Storage', 'toys-for-playground' ); ?></h2>
+            <p><?php esc_html_e( 'Select the storage type for your generated Playground.', 'toys-for-playground' ); ?></p>
             <input type="checkbox" id="none" name="storage_none" value="none" checked>
-            <label for="none"><?php esc_html_e('None: changes will be lost on page refresh.', 'toys-for-playground'); ?></label><br>
+            <label for="none"><?php esc_html_e( 'None: changes will be lost on page refresh.', 'toys-for-playground' ); ?></label><br>
             <input type="checkbox" id="browser" name="storage_browser" value="browser">
-            <label for="browser"><?php esc_html_e('Browser: stored in this browser (cookies).', 'toys-for-playground'); ?></label><br>
+            <label for="browser"><?php esc_html_e( 'Browser: stored in this browser (cookies).', 'toys-for-playground' ); ?></label><br>
 
             <script>
@@ -142 +140 @@
 
             <br/>
-            <input type="submit" name="generate" class="button button-primary button-hero" value="<?php esc_attr_e('Clone', 'toys-for-playground'); ?>" />
-            <p><?php esc_html_e("Opens in a new window. Enable pop-ups in your browser if it doesn't.", 'toys-for-playground'); ?></p>
+            <input type="submit" name="generate" class="button button-primary button-hero" value="<?php esc_attr_e( 'Clone', 'toys-for-playground' ); ?>" />
+            <p><?php esc_html_e( "Opens in a new window. Enable pop-ups in your browser if it doesn't.", 'toys-for-playground' ); ?></p>
         </form>
-        <?php if (current_user_can('manage_options') && isset($_POST["generate"]) && wp_verify_nonce($_POST["toys_for_playground_nonce"], "toys_for_playground_action")): ?>
+
+        <?php if ( current_user_can( 'manage_options' ) && isset( $_POST['generate'] ) && wp_verify_nonce( $_POST['toys_for_playground_nonce'], 'toys_for_playground_action' ) ) : ?>
             <script>
                 var url = "https://playground.wordpress.net/?";
-                <?php $_POST['plugins'] = array_map('sanitize_text_field', (array) $_POST['plugins']);
-                foreach($_POST['plugins'] as $plugin_slug): ?>
-                    url += "plugin=<?php echo esc_js(sanitize_key($plugin_slug)) ?>&";
+                <?php
+                $post_plugins = array_map( 'sanitize_text_field', (array) ( isset( $_POST['plugins'] ) ? $_POST['plugins'] : [] ) );
+                foreach ( $post_plugins as $plugin_slug ) : ?>
+                    url += "plugin=<?php echo esc_js( sanitize_key( $plugin_slug ) ); ?>&";
                 <?php endforeach; ?>
-                <?php $_POST['themes'] = array_map('sanitize_text_field', (array) $_POST['themes']);
-                foreach($_POST['themes'] as $theme_slug): ?>
-                    url += "theme=<?php echo esc_js(sanitize_key($theme_slug)) ?>&";
+                <?php
+                $post_themes = array_map( 'sanitize_text_field', (array) ( isset( $_POST['themes'] ) ? $_POST['themes'] : [] ) );
+                foreach ( $post_themes as $theme_slug ) : ?>
+                    url += "theme=<?php echo esc_js( sanitize_key( $theme_slug ) ); ?>&";
                 <?php endforeach; ?>
 
-                if ("<?php echo esc_html(sanitize_text_field($_POST['wp_version'])) ?>" !== "") {
-                    url += "wp=<?php echo esc_js(sanitize_text_field($_POST['wp_version'])) ?>&";
+                <?php $wp_version = isset( $_POST['wp_version'] ) ? sanitize_text_field( $_POST['wp_version'] ) : ''; ?>
+                if ("<?php echo esc_js( $wp_version ); ?>" !== "") {
+                    url += "wp=<?php echo esc_js( $wp_version ); ?>&";
                 }
-                if ("<?php echo esc_html(sanitize_text_field($_POST['php_version'])) ?>" !== "") {
-                    url += "php=<?php echo esc_js(sanitize_text_field($_POST['php_version'])) ?>&";
+                <?php $php_version = isset( $_POST['php_version'] ) ? sanitize_text_field( $_POST['php_version'] ) : ''; ?>
+                if ("<?php echo esc_js( $php_version ); ?>" !== "") {
+                    url += "php=<?php echo esc_js( $php_version ); ?>&";
                 }
 
                 url += "url=/wp-admin/index.php&mode=seamless";
 
-                <?php if (isset($_POST['storage_browser']) && sanitize_text_field($_POST['storage_browser']) === 'browser'): ?>
+                <?php if ( isset( $_POST['storage_browser'] ) && sanitize_text_field( $_POST['storage_browser'] ) === 'browser' ) : ?>
                     url += "&storage=browser";
-                <?php else: ?>
+                <?php else : ?>
                     url += "&storage=none";
                 <?php endif; ?>
@@ -174 +177 @@
                 window.open(url);
             </script>
-        <?php endif;
-        echo ob_get_clean();
-    }
+        <?php endif; ?>
 
-    toys_for_playground_render_cloner_page();
+    </div>
 
-    echo "</div>";
+    <?php
+    echo ob_get_clean();
+}
+
+toys_for_playground_render_cloner_page();

toys-for-playground/trunk/generator.php

@@ -80 +80 @@
             <?php endforeach; ?>
 
-            <?php $_POST['theme'] = sanitize_text_field($_POST['theme']); ?>
-            url += "theme=<?php echo esc_js(sanitize_key($_POST['theme'])) ?>&";
+            <?php $_POST['theme'] = isset( $_POST['theme'] ) ? sanitize_text_field( $_POST['theme'] ) : ''; ?>
+            url += "theme=<?php echo esc_js( sanitize_key( $_POST['theme'] ) ); ?>&";
 
             <?php $_POST['wp_version'] = sanitize_text_field($_POST['wp_version']); ?>

toys-for-playground/trunk/readme.txt

@@ -6 +6 @@
 Requires PHP: 7.4
 Tested PHP: 8.3
-Stable tag: 1.2.4
+Stable tag: 1.2.5
 License: GNU General Public License v2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
@@ -44 +44 @@
 
 == Changelog ==
+
+= [1.2.5] - 2026-10-03 =
+
+* Security: Escaped Settings link with esc_html__() in plugin action links.
+* Fix: Added isset() guards for $_POST['themes'], $_POST['wp_version'], $_POST['php_version'] in cloner.php to prevent PHP warnings.
+* Fix: Added isset() guard for $_POST['theme'] in generator.php to prevent PHP warnings.
+* Code: Removed unused $plugin_basename variable from cloner.php.
+* Code: cloner.php now starts with <?php and closes the wrap div in HTML.
+* Performance: get_option('enable_sharer') stored in variable to avoid repeated calls.
 
 = [1.2.4] - 2026-10-03 =

toys-for-playground/trunk/toys-for-playground.php

@@ -4 +4 @@
 Plugin URI: https://wordpress.org/plugins/toys-for-playground/
 Description: Toys for Playground allows you to set up development, training, and testing environments in WordPress Playground easily. No Playground API knowledge needed.
-Version: 1.2.4
+Version: 1.2.5
 Requires at least: 6.3
 Tested up to: 6.9
@@ -17 +17 @@
 if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
 
-define( 'TOYSPG_VERSION', '1.2.4' );
+define( 'TOYSPG_VERSION', '1.2.5' );
 
 
 // Add settings link to plugin page
 function toys_for_playground_add_settings_link($links) {
-    $settings_link = '<a href="admin.php?page=toys-playground">' . __('Settings', 'toys-for-playground') . '</a>';
+    $settings_link = '<a href="admin.php?page=toys-playground">' . esc_html__( 'Settings', 'toys-for-playground' ) . '</a>';
     array_unshift($links, $settings_link);
     return $links;
@@ -98 +98 @@
             <h2><?php esc_html_e('Sharer', 'toys-for-playground'); ?></h2>
             <p><?php esc_html_e('Generate a Playground link of your current WordPress page for debugging or sharing.', 'toys-for-playground'); ?></p>
-            
+            <?php $sharer_enabled = (bool) get_option( 'enable_sharer', 0 ); ?>
             <form method="post" action="">
-                <input type="hidden" name="toggle_sharer" value="<?php echo get_option('enable_sharer', 0) ? '0' : '1'; ?>">
-                <input type="submit" class="button" value="<?php echo get_option('enable_sharer', 0) ? esc_html_e('Disable Sharer', 'toys-for-playground') : esc_html_e('Enable Sharer', 'toys-for-playground'); ?>">
+                <input type="hidden" name="toggle_sharer" value="<?php echo $sharer_enabled ? '0' : '1'; ?>">
+                <input type="submit" class="button" value="<?php $sharer_enabled ? esc_html_e('Disable Sharer', 'toys-for-playground') : esc_html_e('Enable Sharer', 'toys-for-playground'); ?>">
             </form>
         </div>
@@ -116 +116 @@
 // Function to include sharer.php in the footer
 function toys_for_playground_include_sharer_in_footer() {
-    if (get_option('enable_sharer') == 1) {
-        include_once(plugin_dir_path(__FILE__) . 'sharer.php');
+    $sharer_enabled = (bool) get_option( 'enable_sharer', 0 );
+    if ( $sharer_enabled ) {
+        include_once( plugin_dir_path( __FILE__ ) . 'sharer.php' );
     }
 }