trewknowledge · moutushi82 · Jul 15, 2020 · Jul 16, 2020 · Jul 16, 2020 · Jul 16, 2020
diff --git a/admin/class-gdpr-admin.php b/admin/class-gdpr-admin.php
@@ -254,10 +254,10 @@ public function sanitize_consents( $consents ) {
 	 * @author Fernando Claussen <[email protected]>
 	 */
 	public function settings_page_template() {
-		$registered_cookies = get_option( 'gdpr_cookie_popup_content', array() );
-		$consent_types      = get_option( 'gdpr_consent_types', array() );
+		$registered_cookies = get_option( 'gdpr_cookie_popup_content', array() ); // phpcs:ignore
+		$consent_types      = get_option( 'gdpr_consent_types', array() ); // phpcs:ignore
 
-		$pages = get_pages();
+		$pages = get_pages(); // phpcs:ignore
 
 		include_once plugin_dir_path( __FILE__ ) . 'partials/templates/tmpl-cookies.php';
 		include_once plugin_dir_path( __FILE__ ) . 'partials/templates/tmpl-consents.php';
@@ -283,18 +283,18 @@ public function requests_page_template() {
 			}
 		}
 
-		$tabs = array(
+		$tabs = array( // phpcs:ignore
 			'rectify'   => array(
 				'name'  => __( 'Rectify Data', 'gdpr' ),
-				'count' => isset( $rectify ) ? count( $rectify ) : 0,
+				'count' => isset( $rectify ) ? count( $rectify ) : 0, // phpcs:ignore
 			),
 			'complaint' => array(
 				'name'  => __( 'Complaint', 'gdpr' ),
-				'count' => isset( $complaint ) ? count( $complaint ) : 0,
+				'count' => isset( $complaint ) ? count( $complaint ) : 0, // phpcs:ignore
 			),
 			'delete'    => array(
 				'name'  => __( 'Erasure', 'gdpr' ),
-				'count' => isset( $delete ) ? count( $delete ) : 0,
+				'count' => isset( $delete ) ? count( $delete ) : 0, // phpcs:ignore
 			),
 		);
 
@@ -465,9 +465,9 @@ public function access_data() {
 				foreach ( $v as $value ) {
 					if ( is_serialized( $value ) ) {
 
-						echo '<pre>' . esc_html( print_r( maybe_unserialize( $value ), true ) ) . '</pre><br />';
+						echo '<pre>' . esc_html( print_r( maybe_unserialize( $value ), true ) ) . '</pre><br />'; // phpcs:ignore
 					} else {
-						echo esc_html( print_r( $value, true ) ) . '<br />';
+						echo esc_html( print_r( $value, true ) ) . '<br />'; // phpcs:ignore
 					}
 				}
 				echo '</td>';
@@ -858,26 +858,26 @@ public function edit_user_profile( $user ) {
 			return;
 		}
 		?>
-	<h3><?php esc_html_e( 'Consent Management', 'gdpr' ); ?></h3>
-
-	<table class="form-table">
-		<?php foreach ( $consent_types as $consent_key => $consent ) : ?>
-			<tr>
-			<th>
-				<label><?php echo esc_html( $consent['name'] ); ?></label>
-			</th>
-			<td>
-				<?php if ( $consent['required'] ) : ?>
-					<input type="checkbox" name="user_consents[]" value="<?php echo esc_attr( $consent_key ); ?>" disabled checked>
-					<input type="hidden" name="user_consents[]" value="<?php echo esc_attr( $consent_key ); ?>">
-				<?php else : ?>
-					<input type="checkbox" name="user_consents[]" value="<?php echo esc_attr( $consent_key ); ?>" <?php echo ! empty( $user_consents ) ? checked( in_array( $consent_key, $user_consents, true ), 1, false ) : ''; ?>>
-				<?php endif ?>
-				<span class="description"><?php echo wp_kses( $consent['description'], $this->allowed_html ); ?></span>
-			</td>
-			</tr>
-		<?php endforeach ?>
-	</table>
+		<h3><?php esc_html_e( 'Consent Management', 'gdpr' ); ?></h3>
+
+		<table class="form-table">
+			<?php foreach ( $consent_types as $consent_key => $consent ) : ?>
+				<tr>
+				<th>
+					<label><?php echo esc_html( $consent['name'] ); ?></label>
+				</th>
+				<td>
+					<?php if ( $consent['required'] ) : ?>
+						<input type="checkbox" name="user_consents[]" value="<?php echo esc_attr( $consent_key ); ?>" disabled checked>
+						<input type="hidden" name="user_consents[]" value="<?php echo esc_attr( $consent_key ); ?>">
+					<?php else : ?>
+						<input type="checkbox" name="user_consents[]" value="<?php echo esc_attr( $consent_key ); ?>" <?php echo ! empty( $user_consents ) ? checked( in_array( $consent_key, $user_consents, true ), 1, false ) : ''; ?>>
+					<?php endif ?>
+					<span class="description"><?php echo wp_kses( $consent['description'], $this->allowed_html ); ?></span>
+				</td>
+				</tr>
+			<?php endforeach ?>
+		</table>
 
 		<?php
 	}
@@ -912,8 +912,6 @@ public function user_profile_update( $user_id ) {
 			}
 			GDPR_Audit_Log::log( $user_id, $consent );
 		}
-
-		setcookie( 'gdpr[consent_types]', wp_json_encode( $consents ), time() + YEAR_IN_SECONDS, '/' );
 	}
 
 	/**
@@ -956,7 +954,7 @@ public function woocommerce_checkout_save_consent( $customer_id, $data ) {
 			}
 		);
 
-		foreach ( $consent_arr as $key => $value ) {
+		foreach ( $consent_arr as $key => $value ) { // phpcs:ignore
 			$consent = str_replace( 'user_consents_', '', $value );
 			if ( defined( 'WPCOM_IS_VIP_ENV' ) && WPCOM_IS_VIP_ENV ) {
 				add_user_attribute( $customer_id, 'gdpr_consents', $consent );

diff --git a/admin/partials/requests.php b/admin/partials/requests.php
@@ -238,7 +238,7 @@
 													if ( defined( 'WPCOM_IS_VIP_ENV' ) && WPCOM_IS_VIP_ENV ) {
 														$count = wpcom_vip_count_user_posts( $uid, $pt->name );
 													} else {
-														$count = count_user_posts( $uid, $pt->name );
+														$count = count_user_posts( $uid, $pt->name ); // phpcs:ignore
 													}
 													if ( '0' === $count ) {
 														continue;

diff --git a/admin/partials/settings.php b/admin/partials/settings.php
@@ -396,8 +396,8 @@
 									<td>
 										<select name="gdpr_consent_types[<?php echo esc_attr( $consent_id ); ?>][policy-page]" id="consent-policy-page-<?php echo esc_attr( $consent_id ); ?>">
 											<option value=""></option>
-											<?php foreach ( $pages as $page ) : ?>
-												<option value="<?php echo esc_attr( $page->ID ); ?>" <?php selected( $consent['policy-page'], $page->ID ); ?>><?php echo esc_html( $page->post_title ); ?></option>
+											<?php foreach ( $pages as $gdpr_page ) : ?>
+												<option value="<?php echo esc_attr( $gdpr_page->ID ); ?>" <?php selected( $consent['policy-page'], $gdpr_page->ID ); ?>><?php echo esc_html( $gdpr_page->post_title ); ?></option>
 											<?php endforeach ?>
 										</select>
 									</td>

diff --git a/admin/partials/templates/tmpl-tools.php b/admin/partials/templates/tmpl-tools.php
@@ -3,7 +3,7 @@
 		<h2><?php echo esc_html_e( 'Result', 'gdpr' ); ?></h2>
 		<div class="postbox">
 			<div class="inside">
-				<textarea readonly class="gdpr-audit-log-result large-text" rows="20">{{{data.result}}}</textarea>
+				<textarea readonly class="gdpr-audit-log-result large-text" rows="20">{{data.result}}</textarea>
 			</div>
 		</div>
 	</div>
@@ -32,7 +32,7 @@
 		<div class="postbox">
 			<div class="inside">
 				<div class="result">
-					{{{data.result}}}
+					{{{data.result}}} <?php // phpcs:ignore ?>
 				</div>
 			</div>
 		</div>

diff --git a/includes/class-gdpr-audit-log.php b/includes/class-gdpr-audit-log.php
@@ -68,7 +68,7 @@ private static function decrypt( $key, $data ) {
 	 */
 	public static function log( $user_id, $input ) {
 		$user      = get_user_by( 'ID', $user_id );
-		$date      = '[' . date( 'Y/m/d H:i:s' ) . '] ';
+		$date      = '[' . current_time( 'Y/m/d H:i:s' ) . '] ';
 		$encrypted = self::crypt( $user->user_email, $date . $input );
 		if ( defined( 'WPCOM_IS_VIP_ENV' ) && WPCOM_IS_VIP_ENV ) {
 			add_user_attribute( $user_id, 'gdpr_audit_log', $encrypted );
@@ -110,7 +110,7 @@ public static function get_log( $email, $token = null ) {
 			if ( ! $file_found ) {
 				return false;
 			} else {
-				$log = file_get_contents( $path . $filename );
+				$log = file_get_contents( $path . $filename ); // phpcs:ignore
 				return self::decrypt( $email, $log );
 			}
 		}

diff --git a/includes/class-gdpr-email.php b/includes/class-gdpr-email.php
@@ -171,7 +171,7 @@ public static function send( $emails, $type, $args = array(), $attachments = arr
 
 		$content = self::get_email_content( 'email/' . $type . '.php', $args );
 
-		return wp_mail(
+		return wp_mail( // phpcs:ignore
 			$no_reply,
 			$possible_types[ $type ],
 			html_entity_decode( $content, ENT_QUOTES, 'UTF-8' ),

diff --git a/includes/class-gdpr-requests.php b/includes/class-gdpr-requests.php
@@ -99,7 +99,7 @@ static function user_has_content( $user ) {
 			if ( defined( 'WPCOM_IS_VIP_ENV' ) && WPCOM_IS_VIP_ENV ) {
 				$post_count = wpcom_vip_count_user_posts( $user->ID, $pt );
 			} else {
-				$post_count = count_user_posts( $user->ID, $pt );
+				$post_count = count_user_posts( $user->ID, $pt ); // phpcs:ignore
 			}
 			if ( $post_count > 0 ) {
 				return true;
@@ -267,7 +267,7 @@ protected function add_to_requests( $email, $type, $data = null, $confirmed = fa
 		$key              = wp_generate_password( 20, false );
 		$requests[ $key ] = array(
 			'email'     => $email,
-			'date'      => date( 'F j, Y' ),
+			'date'      => current_time( 'F j, Y' ),
 			'type'      => $type,
 			'data'      => $data,
 			'confirmed' => $confirmed,

diff --git a/includes/class-gdpr-templates.php b/includes/class-gdpr-templates.php
@@ -56,7 +56,7 @@ public static function get_template( $template_name, $args = array() ) {
 		if ( ! file_exists( $template_file ) ) {
 			return;
 		}
-		include $template_file;
+		include $template_file; // phpcs:ignore
 	}
 
 }
diff --git a/includes/class-gdpr.php b/includes/class-gdpr.php
@@ -253,7 +253,6 @@ private function define_public_hooks() {
 
 		add_action( 'wp_enqueue_scripts', array( $plugin_public, 'enqueue_styles' ) );
 		add_action( 'wp_enqueue_scripts', array( $plugin_public, 'enqueue_scripts' ) );
-		add_action( 'init', array( $plugin_public, 'set_plugin_cookies' ) );
 		add_action( 'wp_footer', array( $plugin_public, 'overlay' ) );
 		add_action( 'wp_footer', array( $plugin_public, 'privacy_bar' ) );
 		add_action( 'wp_footer', array( $plugin_public, 'is_consent_needed' ) );
@@ -293,11 +292,10 @@ public static function similar_in_array( $needle, $haystack ) {
 	 * @author Fernando Claussen <[email protected]>
 	 * @param  int $user_id The user ID.
 	 */
-	public static function save_user_consent_on_registration( $user_id ) { // phpcs:ignore
+	public static function save_user_consent_on_registration( $user_id ) {
 		GDPR_Audit_Log::log( $user_id, esc_html__( 'User registered to the site.', 'gdpr' ) );
 
-		if ( isset( $_POST['user_consents'] ) && is_array( $_POST['user_consents'] ) ) {
-
+		if ( isset( $_POST['user_consents'] ) && is_array( $_POST['user_consents'] ) ) { // phpcs:ignore
 			$consents = array_map( 'sanitize_text_field', array_keys( wp_unslash( $_POST['user_consents'] ) ) );  // phpcs:ignore
 			foreach ( $consents as $consent ) {
 				/* translators: Name of consent */
@@ -308,7 +306,6 @@ public static function save_user_consent_on_registration( $user_id ) { // phpcs:
 					add_user_meta( $user_id, 'gdpr_consents', $consent );
 				}
 			}
-			setcookie( 'gdpr[consent_types]', wp_json_encode( $consents ), time() + YEAR_IN_SECONDS, '/' );
 		}
 	}
 
@@ -603,25 +600,29 @@ public static function save_consent( $user_id, $consent ) {
 			return false;
 		}
 		$consent_ids = array_keys( $registered_consent );
-		$user        = get_user_by( 'ID', $user_id );
 		$consent     = sanitize_text_field( wp_unslash( $consent ) );
+		$user        = get_user_by( 'ID', $user_id );
+
+		if ( ! $user ) {
+			return false;
+		}
+
+		if ( defined( 'WPCOM_IS_VIP_ENV' ) && WPCOM_IS_VIP_ENV ) {
+			$user_consent = get_user_attribute( $user_id, 'gdpr_consents' );
+		} else {
+			$user_consent = get_user_meta( $user_id, 'gdpr_consents' );
+		}
 
-		if ( $user ) {
+		if ( in_array( $consent, $consent_ids, true ) && ! in_array( $consent, $user_consent, true ) ) {
 			if ( defined( 'WPCOM_IS_VIP_ENV' ) && WPCOM_IS_VIP_ENV ) {
-				$user_consent = get_user_attribute( $user_id, 'gdpr_consents' );
+				add_user_attribute( $user_id, 'gdpr_consents', $consent );
 			} else {
-				$user_consent = get_user_meta( $user_id, 'gdpr_consents' );
-			}
-			if ( in_array( $consent, $consent_ids, true ) && ! in_array( $consent, $user_consent, true ) ) {
-				if ( defined( 'WPCOM_IS_VIP_ENV' ) && WPCOM_IS_VIP_ENV ) {
-					add_user_attribute( $user_id, 'gdpr_consents', $consent );
-				} else {
-					add_user_meta( $user_id, 'gdpr_consents', $consent );
-				}
-				$user_consent[] = $consent;
-				setcookie( 'gdpr[consent_types]', wp_json_encode( $user_consent ), time() + YEAR_IN_SECONDS, '/' );
-				return true;
+				add_user_meta( $user_id, 'gdpr_consents', $consent );
 			}
+			$user_consent[] = $consent;
+
+			setcookie( 'gdpr_consent_types', wp_json_encode( $user_consent ), time() + YEAR_IN_SECONDS, '/' ); // phpcs:ignore
+			return true;
 		}
 
 		return false;
@@ -637,32 +638,32 @@ public static function save_consent( $user_id, $consent ) {
 	 */
 	public static function remove_consent( $user_id, $consent ) {
 		$user = get_user_by( 'ID', $user_id );
+		if ( ! $user ) {
+			return false;
+		}
+
+		if ( defined( 'WPCOM_IS_VIP_ENV' ) && WPCOM_IS_VIP_ENV ) {
+			$user_consent = get_user_attribute( $user_id, 'gdpr_consents' );
+		} else {
+			$user_consent = get_user_meta( $user_id, 'gdpr_consents' );
+		}
 
-		if ( $user ) {
+		$consent = sanitize_text_field( wp_unslash( $consent ) );
+		$key     = array_search( $consent, $user_consent, true );
+		if ( false !== $key ) {
 			if ( defined( 'WPCOM_IS_VIP_ENV' ) && WPCOM_IS_VIP_ENV ) {
-				$user_consent = get_user_attribute( $user_id, 'gdpr_consents' );
+				delete_user_attribute( $user_id, 'gdpr_consents', $consent );
 			} else {
-				$user_consent = get_user_meta( $user_id, 'gdpr_consents' );
-			}
-
-			$consent = sanitize_text_field( wp_unslash( $consent ) );
-			$key     = array_search( $consent, $user_consent, true );
-			if ( false !== $key ) {
-				if ( defined( 'WPCOM_IS_VIP_ENV' ) && WPCOM_IS_VIP_ENV ) {
-					delete_user_attribute( $user_id, 'gdpr_consents', $consent );
-				} else {
-					delete_user_meta( $user_id, 'gdpr_consents', $consent );
-				}
-				unset( $user_consent[ $key ] );
-				setcookie( 'gdpr[consent_types]', wp_json_encode( $user_consent ), time() + YEAR_IN_SECONDS, '/' );
-				return true;
+				delete_user_meta( $user_id, 'gdpr_consents', $consent );
 			}
+			unset( $user_consent[ $key ] );
+			setcookie( 'gdpr_consent_types', wp_json_encode( $user_consent ), time() + YEAR_IN_SECONDS, '/' ); // phpcs:ignore
+			return true;
 		}
 
 		return false;
 	}
 
-
 	/**
 	 * Generates a random 6 digit pin.
 	 * This pin is necessary to use with the audit log files.

diff --git a/includes/helper-functions.php b/includes/helper-functions.php
@@ -84,11 +84,14 @@ function gdpr_get_consent_checkboxes( $atts ) {
  * @return bool                 Whether the cookie is allowed or not.
  */
 function is_allowed_cookie( $cookie_name, $exactMatch = false ) {
-	if ( isset( $_COOKIE['gdpr']['allowed_cookies'] ) ) {
-		$allowed_cookies = array_map( 
+
+	gdpr_deprecated_function( 'is_allowed_cookie', '2.1.2' );
+
+	if ( isset( $_COOKIE['gdpr']['allowed_cookies'] ) ) { // phpcs:ignore
+		$allowed_cookies = array_map(
 			'sanitize_text_field',
 			json_decode(
-				wp_unslash( $_COOKIE['gdpr']['allowed_cookies'] ),
+				wp_unslash( $_COOKIE['gdpr']['allowed_cookies'] ), // phpcs:ignore
 				true
 			)
 		);
@@ -128,7 +131,7 @@ function have_consent( $consent ) {
 }
 
 function has_consent( $consent ) {
-
+	gdpr_deprecated_function( 'has_consent', '2.1.2' );
 	if ( is_user_logged_in() ) {
 		$user = wp_get_current_user();
 		if ( defined( 'WPCOM_IS_VIP_ENV' ) && WPCOM_IS_VIP_ENV ) {