Security

includes/class-syndication-admin-notices.php

@@ -96,7 +96,7 @@ public static function display_valid_notices() {
 			foreach( $message_values as $message_key => $message_data ) {
 				$dismiss_nonce = wp_create_nonce( esc_attr( $message_key ) );
 				printf( '<div class="%s"><p>', esc_attr( $message_data['class'] ) );
-				printf( __('%1$s : %2$s <a href="%3$s">Hide Notice</a>'), esc_html( $message_type ), wp_kses_post( $message_data['message_text'] ), add_query_arg( array( self::$dismiss_parameter => esc_attr( $message_key ), 'syn_dismiss_nonce' => esc_attr( $dismiss_nonce ) ) ) );
+				printf( __( '%1$s : %2$s <a href="%3$s">Hide Notice</a>', 'push-syndication' ), esc_html( $message_type ), wp_kses_post( $message_data['message_text'] ), esc_url( add_query_arg( array( self::$dismiss_parameter => esc_attr( $message_key ), 'syn_dismiss_nonce' => esc_attr( $dismiss_nonce ) ) ) ) );
 				printf( '</p></div>' );
 			}
 		}
@@ -114,7 +114,7 @@ public static function handle_dismiss_syndication_notice() {
 			$dismiss_key = esc_attr( $_GET[self::$dismiss_parameter] );
 			$dismiss_nonce = esc_attr( $_GET['syn_dismiss_nonce'] );
 			if ( ! wp_verify_nonce( $dismiss_nonce, $dismiss_key ) ) {
-				wp_die( __( "Invalid security check" ) );
+				wp_die( esc_html__( 'Invalid security check', 'push-syndication' ) );
 			}
 			$messages = get_option( self::$notice_option );
 			$notice_bundles = get_option( self::$notice_bundles_option );
@@ -147,10 +147,10 @@ public static function handle_dismiss_syndication_notice() {
 
 add_filter( 'syn_message_text_multiple', 'syn_handle_multiple_error_notices', 10, 2 );
 function syn_handle_multiple_error_notices( $message, $message_data ) {
-	return __( 'There have been multiple errors. Please validate your syndication logs' );
+	return esc_html__( 'There have been multiple errors. Please validate your syndication logs', 'push-syndication' );
 }
 
 add_action( 'push_syndication_site_disabled', 'syn_add_site_disabled_notice', 10, 2 );
 function syn_add_site_disabled_notice( $site_id, $count ) {
-	Syndication_Logger_Admin_Notice::add_notice( $message_text = sprintf( __( 'Site %d disabled after %d pull failure(s).', 'push-syndication' ), (int) $site_id, (int) $count ), $message_type = 'Syndication site disabled', $class = 'error', $summarize_multiple = false );
+	Syndication_Logger_Admin_Notice::add_notice( $message_text = sprintf( esc_html__( 'Site %d disabled after %d pull failure(s).', 'push-syndication' ), (int) $site_id, (int) $count ), $message_type = 'Syndication site disabled', $class = 'error', $summarize_multiple = false );
 }

includes/class-syndication-logger-viewer.php

@@ -20,9 +20,9 @@ public function __construct(){
 		global $status, $page;
 
 		parent::__construct( array(
-			'singular'  => __( 'log', 'push-syndication' ),
-			'plural'    => __( 'logs', 'push-syndication' ),
-			'ajax'      => false
+			'singular' => esc_html__( 'log', 'push-syndication' ),
+			'plural'   => esc_html__( 'logs', 'push-syndication' ),
+			'ajax'     => false
 		) );
 
 		add_action( 'admin_head', array( $this, 'admin_header' ) );
@@ -46,7 +46,7 @@ public function admin_header() {
 	}
 
 	public function no_items() {
-		_e( 'No log entries found.' );
+		esc_html_e( 'No log entries found.', 'push-syndication' );
 	}
 
 	public function column_default( $item, $column_name ) {
@@ -78,12 +78,12 @@ public function get_sortable_columns() {
 
 	public function get_columns(){
 		$columns = array(
-			'object_id'	=> __( 'Object ID', 'push-syndication' ),
-			'log_id'	=> __( 'Log ID', 	'push-syndication' ),
-			'time'		=> __( 'Time', 		'push-syndication' ),
-			'msg_type'	=> __( 'Type', 		'push-syndication' ),
-			'status'	=> __( 'Status', 	'push-syndication' ),
-			'message'	=> __( 'Message', 	'push-syndication' ),
+			'object_id' => esc_html__( 'Object ID', 'push-syndication' ),
+			'log_id'    => esc_html__( 'Log ID', 'push-syndication' ),
+			'time'      => esc_html__( 'Time', 'push-syndication' ),
+			'msg_type'  => esc_html__( 'Type', 'push-syndication' ),
+			'status'    => esc_html__( 'Status', 'push-syndication' ),
+			'message'   => esc_html__( 'Message', 'push-syndication' ),
 			);
 		return $columns;
 	}
@@ -195,7 +195,7 @@ protected function extra_tablenav( $which ) {
 				$this->_create_months_dropdown();
 				$this->_create_types_dropdown();
 
-				submit_button( __( 'Filter' ), 'button', 'filter_action', false, array( 'id' => 'post-query-submit' ) );
+				submit_button( esc_html__( 'Filter', 'push-syndication' ), 'button', 'filter_action', false, array( 'id' => 'post-query-submit' ) );
 			}
 
 			?>
@@ -206,9 +206,9 @@ protected function extra_tablenav( $which ) {
 	private function create_log_id_dropdown() {
 		$requested_log_id = isset( $_REQUEST['log_id'] ) ? esc_attr( $_REQUEST['log_id'] ) : 0;
 		?>
-		<label class="screen-reader-text" for="filter-by-log-id"><?php _e( 'Filter by Log ID' ); ?></label>
+		<label class="screen-reader-text" for="filter-by-log-id"><?php esc_html_e( 'Filter by Log ID', 'push-syndication' ); ?></label>
 		<select name="log_id" id="filter-by-log-id">
-			<option<?php selected( $requested_log_id, 0 ); ?> value="0"><?php _e( 'All logs' ); ?></option>
+			<option<?php selected( $requested_log_id, 0 ); ?> value="0"><?php esc_html_e( 'All logs', 'push-syndication' ); ?></option>
 			<?php
 			$log_ids = array();
 			foreach ( $this->prepared_data as $row ) {
@@ -294,7 +294,7 @@ public function initialize_list_table() {
 
 	public function render_list_page(){
 		?>
-		<div class="wrap"><h2><?php _e( "Syndication Logs", "syndication" ); ?></h2>
+		<div class="wrap"><h2><?php esc_html_e( 'Syndication Logs', 'push-syndication' ); ?></h2>
 			<?php
 			$this->syndication_logger_table->prepare_items();
 			?>

includes/class-syndication-logger.php

@@ -180,10 +180,10 @@ private function log_post_event( $event, $result, $post, $site, $transport_type,
 			} else {
 				$message = 'fail';
 			}
-			Syndication_Logger::log_post_error( $site->ID, $status = __( esc_attr( $event ), 'push-syndication' ), $message, $log_time, $extra );
+			Syndication_Logger::log_post_error( $site->ID, $status = esc_attr( $event ), $message, $log_time, $extra );
 		} else {
 			$message = sprintf( '%s,%d', sanitize_text_field( $post['post_guid'] ), intval( $result ) );
-			Syndication_Logger::log_post_success( $site->ID, $status = __( esc_attr( $event ), 'push-syndication' ), $message, $log_time, $extra );
+			Syndication_Logger::log_post_success( $site->ID, $status = esc_attr( $event ), $message, $log_time, $extra );
 		}
 	}
 
@@ -297,12 +297,12 @@ private function log( $storage_type, $msg_type, $object_type = 'post', $object_i
 			if ( 'post' == $object_type ) {
 
 				if ( ! is_integer( $object_id ) ) {
-					return new WP_Error( 'logger_no_post_id', __( 'You need to provide a valid post_id or use log_option instead', 'push-syndication' ) );
+					return new WP_Error( 'logger_no_post_id', esc_html__( 'You need to provide a valid post_id or use log_option instead', 'push-syndication' ) );
 				}
 
 				$post = get_post( $object_id );
 				if ( ! $post ) {
-					return new WP_Error( 'logger_no_post', __( 'The post_id provided does not exist.', 'push-syndication' ) );
+					return new WP_Error( 'logger_no_post', esc_html__( 'The post_id provided does not exist.', 'push-syndication' ) );
 				}
 
 				$log = get_post_meta( $post->ID, 'syn_log', true);

includes/class-syndication-site-auto-retry.php

@@ -91,7 +91,7 @@ public function handle_pull_failure_event( $site_id = 0, $failed_attempts = 0 )
 					// Run in one minute by default
 					$auto_retry_interval = apply_filters( 'syndication_failure_auto_retry_interval', $time_now + MINUTE_IN_SECONDS );
 
-					Syndication_Logger::log_post_info( $site->ID, $status = 'start_auto_retry', $message = sprintf( __( 'Connection retry %d of %d to %s in %s..', 'push-syndication' ), $site_auto_retry_count + 1, $auto_retry_limit, $site_url, human_time_diff( $time_now, $auto_retry_interval ) ), $log_time, $extra = array() );
+					Syndication_Logger::log_post_info( $site->ID, $status = 'start_auto_retry', $message = sprintf( esc_html__( 'Connection retry %d of %d to %s in %s..', 'push-syndication' ), $site_auto_retry_count + 1, $auto_retry_limit, $site_url, human_time_diff( $time_now, $auto_retry_interval ) ), $log_time, $extra = array() );
 
 					// Schedule a pull retry for one minute in the future
 					wp_schedule_single_event(
@@ -125,7 +125,7 @@ public function handle_pull_failure_event( $site_id = 0, $failed_attempts = 0 )
 				// Remove the auto retry if there was one
 				delete_post_meta( $site->ID, 'syn_failed_auto_retry_attempts' );
 
-				Syndication_Logger::log_post_error( $site->ID, $status = 'end_auto_retry', $message = sprintf( __( 'Failed %d times to reconnect to %s', 'push-syndication' ), $site_auto_retry_count, $site_url ), $log_time, $extra = array() );
+				Syndication_Logger::log_post_error( $site->ID, $status = 'end_auto_retry', $message = sprintf( esc_html__( 'Failed %d times to reconnect to %s', 'push-syndication' ), $site_auto_retry_count, $site_url ), $log_time, $extra = array() );
 			}
 		}
 	}

includes/class-syndication-site-failure-monitor.php

@@ -39,7 +39,7 @@ public function handle_pull_failure_event( $site_id, $count ) {
 			do_action( 'push_syndication_reset_event', 'pull_failure', $site_id );
 
 			// Log what happened.
-			Syndication_Logger::log_post_error( $site_id, 'error', sprintf( __( 'Site %d disabled after %d pull failure(s).', 'push-syndication' ), (int) $site_id, (int) $count ) );
+			Syndication_Logger::log_post_error( $site_id, 'error', sprintf( esc_html__( 'Site %d disabled after %d pull failure(s).', 'push-syndication' ), (int) $site_id, (int) $count ) );
 
 			do_action( 'push_syndication_site_disabled', $site_id, $count );
 		}

includes/class-syndication-wp-rest-client.php

@@ -221,7 +221,7 @@ public static function display_settings( $site ) {
 
 		<p>
 			<?php echo esc_html__( 'To generate the following information automatically please visit the ', 'push-syndication' ); ?>
-			<a href="<?php echo get_admin_url(); ?>/options-general.php?page=push-syndicate-settings" target="_blank"><?php echo esc_html__( 'settings page', 'push-syndication' ); ?></a>
+			<a href="<?php echo esc_url( get_admin_url() ); ?>/options-general.php?page=push-syndicate-settings" target="_blank"><?php esc_html_e( 'settings page', 'push-syndication' ); ?></a>
 		</p>
 		<p>
 			<label for=site_token><?php echo esc_html__( 'Enter API Token', 'push-syndication' ); ?></label>

includes/class-syndication-wp-rss-client.php

@@ -185,12 +185,12 @@ public function get_posts( $args = array() ) {
 		$rss_init = $this->init();
 
 		if ( false === $rss_init ) {
-			Syndication_Logger::log_post_error( $this->site_ID, $status = 'error', $message = sprintf( __( 'Failed to parse feed at: %s', 'push-syndication' ), $this->feed_url ), $log_time = isset( $site_post->postmeta['is_update'] ) ? $site_post->postmeta['is_update'] : null, $extra = array( 'error' => $this->error() ) );
+			Syndication_Logger::log_post_error( $this->site_ID, $status = 'error', $message = sprintf( esc_html__( 'Failed to parse feed at: %s', 'push-syndication' ), $this->feed_url ), $log_time = isset( $site_post->postmeta['is_update'] ) ? $site_post->postmeta['is_update'] : null, $extra = array( 'error' => $this->error() ) );
 
 			// Track the event.
 			do_action( 'push_syndication_event', 'pull_failure', $this->site_ID );
 		} else {
-			Syndication_Logger::log_post_info( $this->site_ID, $status = 'fetch_feed', $message = sprintf( __( 'fetched feed with %d bytes', 'push-syndication' ), strlen( $this->get_raw_data() ) ), $log_time = null, $extra = array() );
+			Syndication_Logger::log_post_info( $this->site_ID, $status = 'fetch_feed', $message = sprintf( esc_html__( 'fetched feed with %d bytes', 'push-syndication' ), strlen( $this->get_raw_data() ) ), $log_time = null, $extra = array() );
 
 			// Track the event.
 			do_action( 'push_syndication_event', 'pull_success', $this->site_ID );