diff --git a/.editorconfig b/.editorconfig index 79207a40cb9326b8c6b8c958fa864b5345f94e68..0fcdf7fd4fc5705384ea40f93be21e0fc85ac557 100755 --- a/.editorconfig +++ b/.editorconfig @@ -17,6 +17,3 @@ indent_size = 4 [{.jshintrc,*.json,*.yml}] indent_style = space indent_size = 2 - -[{*.txt,wp-config-sample.php}] -end_of_line = crlf diff --git a/README.md b/README.md index a9166e400919ee66468366d3d72dda5e6a2bc899..e33e80de4a8e784357978575eb1830680acfb9c3 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ **Tags:** seo, meta tags **Requires at least:** 4.4 **Tested up to:** 5.2 -**Stable tag:** 0.5 +**Stable tag:** 0.6 **License:** GPLv2 or later **License URI:** http://www.gnu.org/licenses/gpl-2.0.html @@ -30,8 +30,25 @@ For example, http://example.com/?p=123 becomes http://example.com/p/123/. No, shortlinks use the posts' IDs, so aren't available for modification. +### Why aren't redirects validated? ### + +Sites may use plugins that allow a post object's permalink to be set to an external URL, and this plugin is designed to respect those plugins. + +If you wish to validate the redirects issued by this plugin, you can use the `eth_simple_shortlinks_redirect_url` filter to apply `wp_validate_redirect()` to the destination URL. + +### After upgrading to 0.6, redirects stopped working ### + +Beginning with release 0.6, before performing a redirect, the plugin checks that the post type and post status are supported. Previously, these checks were only applied when overriding an object's shortlink. + +If, after upgrading, redirects stop working, use the `eth_simple_shortlinks_allowed_post_types` and `eth_simple_shortlinks_allowed_post_statuses` filters to permit additional types and statuses, or use the `eth_simple_shortlinks_verify_requested_post_support` filter to disable the supports checks. + ## Changelog ## +### 0.6 ### +* Introduce filters in redirection handling. +* Apply supported post-type and post-status checks before redirecting. +* Conform to WordPress VIP's Coding Standards. + ### 0.5 ### * Admin notices when permalinks won't support the plugin * Disable plugin functionality when permalink structure is incompatible @@ -39,3 +56,9 @@ No, shortlinks use the posts' IDs, so aren't available for modification. ### 0.4 ### * Initial release + +## Upgrade Notice ## + +### 0.6 ### + +Applies supported post-type and post-status checks before performing redirect. If, after upgrading, redirects stop working, see the "After upgrading to 0.6, redirects stopped working" section of the FAQ. diff --git a/eth-simple-shortlinks.php b/eth-simple-shortlinks.php index e0894c591ca7a760532b5208349e40faf97b101e..22eda06b43046b71a242adb3dd7f04bc731b1670 100644 --- a/eth-simple-shortlinks.php +++ b/eth-simple-shortlinks.php @@ -10,7 +10,7 @@ * Plugin URI: https://ethitter.com/plugins/ * Description: Simple non-GET shortlinks using post IDs * Author: Erick Hitter - * Version: 0.5 + * Version: 0.6 * Author URI: https://ethitter.com/ * Text Domain: eth_simple_shortlinks * Domain Path: /languages/ diff --git a/inc/class-eth-simple-shortlinks.php b/inc/class-eth-simple-shortlinks.php index 3b75ba103a9b7accd7b9cd978c60ab28d09d76bf..946be983836d03b6ae82a46f5c522c55aa8687b9 100644 --- a/inc/class-eth-simple-shortlinks.php +++ b/inc/class-eth-simple-shortlinks.php @@ -275,25 +275,56 @@ class ETH_Simple_Shortlinks { return; } - $dest = get_permalink( $request->query_vars['p'] ); + $post_object = get_post( $request->query_vars['p'] ); + + if ( ! $post_object instanceof WP_Post ) { + return; + } + + /** + * Filters if post type and status should be validated. + * + * @since 0.6 + * + * @param bool $validate Perform validation. + * @param WP_Post $post_object Post being redirected to. + * @param WP $request WP object. + */ + if ( + apply_filters( 'eth_simple_shortlinks_verify_requested_post_support', true, $post_object, $request ) && + ( + ! $this->is_supported_post_type( $post_object->post_type ) || + ! $this->is_supported_post_status( $post_object->post_status ) + ) + ) { + return; + } + + $dest = get_permalink( $post_object ); /** * Filters the redirect URL. * - * @param string $dest Redirect destination. - * @param WP $request WP object. + * @since 0.6 + * + * @param string $dest Redirect destination. + * @param WP_Post $post_object Post being redirected to. + * @param WP $request WP object. */ - $dest = apply_filters( 'eth_simple_shortlinks_redirect_url', $dest, $request ); + $dest = apply_filters( 'eth_simple_shortlinks_redirect_url', $dest, $post_object, $request ); if ( $dest ) { /** * Filters the redirect status code. * - * @param int $status_code Redirect status code. - * @param string $dest Redirect destination. - * @param WP $request WP object. + * @since 0.6 + * + * @param int $status_code Redirect status code. + * @param string $dest Redirect destination. + * @param WP_Post $post_object Post being redirected to. + * @param WP $request WP object. */ - $status_code = (int) apply_filters( 'eth_simple_shortlinks_redirect_status', 301, $dest, $request ); + $status_code = (int) apply_filters( 'eth_simple_shortlinks_redirect_status', 301, $dest, $post_object, $request ); // URLs aren't validated in case plugins filter permalinks to point to external URLs. // phpcs:ignore WordPress.Security.SafeRedirect.wp_redirect_wp_redirect diff --git a/languages/eth-simple-shortlinks.pot b/languages/eth-simple-shortlinks.pot index bf9b3a5f7cec79430b85db643333b98b4e8b850a..009706d11355e79195bcc80e9700dca4a06db205 100644 --- a/languages/eth-simple-shortlinks.pot +++ b/languages/eth-simple-shortlinks.pot @@ -2,10 +2,10 @@ # This file is distributed under the same license as the ETH Simple Shortlinks package. msgid "" msgstr "" -"Project-Id-Version: ETH Simple Shortlinks 0.5\n" +"Project-Id-Version: ETH Simple Shortlinks 0.6\n" "Report-Msgid-Bugs-To: " "https://wordpress.org/support/plugin/eth-simple-shortlinks\n" -"POT-Creation-Date: 2019-04-14 04:31:11+00:00\n" +"POT-Creation-Date: 2019-05-12 21:28:24+00:00\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" @@ -25,31 +25,35 @@ msgstr "" "X-Poedit-Bookmarks: \n" "X-Textdomain-Support: yes\n" -#: eth-simple-shortlinks.php:51 eth-simple-shortlinks.php:52 +#: inc/class-eth-simple-shortlinks.php:38 +#: inc/class-eth-simple-shortlinks.php:45 msgid "Cheatin’ uh?" msgstr "" -#: eth-simple-shortlinks.php:138 +#: inc/class-eth-simple-shortlinks.php:191 +#. translators: 1: URL of permalink options page. msgid "" "Please visit the <a href=\"%1$s\">Permalinks</a> settings page to refresh " "your permalinks. Doing so will add the rules this plugin requires." msgstr "" -#: eth-simple-shortlinks.php:141 +#: inc/class-eth-simple-shortlinks.php:201 +#. translators: 1: URL of permalink options page. msgid "" "Please enable <a href=\"%1$s\">pretty permalinks</a>, otherwise disable " "this plugin as it is not compatible with \"Plain\" permalinks." msgstr "" -#: eth-simple-shortlinks.php:146 +#: inc/class-eth-simple-shortlinks.php:213 +#. translators: 1: Plugin name, 2: Notice text. msgid "<strong>%1$s</strong>: %2$s" msgstr "" -#: eth-simple-shortlinks.php:251 +#: inc/class-eth-simple-shortlinks.php:402 msgid "Shortlink" msgstr "" -#: eth-simple-shortlinks.php:293 +#: inc/class-eth-simple-shortlinks.php:459 msgid "" "Shortlinks cannot be generated until after <code>wp_loaded</code>; this " "ensures that all post types are registered." diff --git a/readme.txt b/readme.txt index 5c47f052e0e907f0fb4f4d5fcd4156b2397399d0..42ca0fee77b1857e91599de6ecc5286445d15185 100644 --- a/readme.txt +++ b/readme.txt @@ -4,7 +4,7 @@ Donate link: https://ethitter.com/donate/ Tags: seo, meta tags Requires at least: 4.4 Tested up to: 5.2 -Stable tag: 0.5 +Stable tag: 0.6 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html @@ -30,8 +30,25 @@ For example, http://example.com/?p=123 becomes http://example.com/p/123/. No, shortlinks use the posts' IDs, so aren't available for modification. += Why aren't redirects validated? = + +Sites may use plugins that allow a post object's permalink to be set to an external URL, and this plugin is designed to respect those plugins. + +If you wish to validate the redirects issued by this plugin, you can use the `eth_simple_shortlinks_redirect_url` filter to apply `wp_validate_redirect()` to the destination URL. + += After upgrading to 0.6, redirects stopped working = + +Beginning with release 0.6, before performing a redirect, the plugin checks that the post type and post status are supported. Previously, these checks were only applied when overriding an object's shortlink. + +If, after upgrading, redirects stop working, use the `eth_simple_shortlinks_allowed_post_types` and `eth_simple_shortlinks_allowed_post_statuses` filters to permit additional types and statuses, or use the `eth_simple_shortlinks_verify_requested_post_support` filter to disable the supports checks. + == Changelog == += 0.6 = +* Introduce filters in redirection handling. +* Apply supported post-type and post-status checks before redirecting. +* Conform to WordPress VIP's Coding Standards. + = 0.5 = * Admin notices when permalinks won't support the plugin * Disable plugin functionality when permalink structure is incompatible @@ -39,3 +56,9 @@ No, shortlinks use the posts' IDs, so aren't available for modification. = 0.4 = * Initial release + +== Upgrade Notice == + += 0.6 = + +Applies supported post-type and post-status checks before performing redirect. If, after upgrading, redirects stop working, see the "After upgrading to 0.6, redirects stopped working" section of the FAQ.