crm: Set up infrastructure to run tests in CI

.github/files/setup-wordpress-env.sh

@@ -10,7 +10,7 @@
 # - WP_BRANCH: Version of WordPress to check out.
 #
 # Other:
-# - GITHUB_PATH: File written to if set to propagate composer path.
+# - GITHUB_ENV: File written to to set environment variables for later steps.
 
 set -eo pipefail
 
@@ -52,6 +52,11 @@ rm -rf "/tmp/wordpress-$WP_BRANCH/src"
 git clone --depth=1 --branch "$TAG" git://core.git.wordpress.org/ "/tmp/wordpress-$WP_BRANCH/src"
 echo "::endgroup::"
 
+if [[ -n "$GITHUB_ENV" ]]; then
+	echo "WORDPRESS_DEVELOP_DIR=/tmp/wordpress-$WP_BRANCH" >> "$GITHUB_ENV"
+	echo "WORDPRESS_DIR=/tmp/wordpress-$WP_BRANCH/src" >> "$GITHUB_ENV"
+fi
+
 # Don't symlink, it breaks when copied later.
 export COMPOSER_MIRROR_PATH_REPOS=true
 

projects/plugins/crm/.phpcs.dir.xml

@@ -52,4 +52,11 @@
 	<rule ref="PHPCompatibility.Interfaces.NewInterfaces.throwableFound">
 		<severity>0</severity>
 	</rule>
+
+	<!-- Custom JPCRM escape function -->
+	<rule ref="WordPress.Security.EscapeOutput">
+		<properties>
+			<property name="customAutoEscapedFunctions" type="array" value="jpcrm_esc_link"/>
+		</properties>
+	</rule>
 </ruleset>

projects/plugins/crm/admin/contact/view.page.php

@@ -211,19 +211,8 @@ function jpcrm_render_contact_view_page( $id = -1 ) {
 																										// if url isset, pass that data-action, otherwise leave for js to attach to
 																										if ( isset( $action['url'] ) && ! empty( $action['url'] ) ) {
 																											?>
-									data-action="
-																											<?php
-																											if ( isset( $action['url'] ) ) {
-																												echo 'url';
-																											}
-																											?>
-									" data-url="
-																											<?php
-																											if ( isset( $action['url'] ) ) {
-																												echo esc_attr( $action['url'] );
-																											}
-																											?>
-									"
+									data-action="<?php echo isset( $action['url'] ) ? 'url' : ''; ?>"
+									data-url="<?php echo isset( $action['url'] ) ? esc_attr( $action['url'] ) : ''; ?>"
 																											<?php
 																										}
 

projects/plugins/crm/admin/settings/business-info.page.php

@@ -112,24 +112,14 @@
 
 		<tr>
 			<td class="wfieldname"><label for="businessname"><?php esc_html_e( 'Your Business Name', 'zero-bs-crm' ); ?>:</label></td>
-			<td style="width:540px"><input type="text" class="winput form-control" name="businessname" id="businessname" value="
-			<?php
-			if ( isset( $settings['businessname'] ) && ! empty( $settings['businessname'] ) ) {
-				echo esc_attr( $settings['businessname'] );}
-			?>
-			" placeholder="e.g. Widget Co Ltd." /></td>
+			<td style="width:540px"><input type="text" class="winput form-control" name="businessname" id="businessname" value="<?php echo empty( $settings['businessname'] ) ? '' : esc_attr( $settings['businessname'] ); ?>" placeholder="e.g. Widget Co Ltd." /></td>
 		</tr>
 
 
 		<tr>
 			<td class="wfieldname"><label for="wpzbscrm_invoicelogourl"><?php esc_html_e( 'Your Business Logo', 'zero-bs-crm' ); ?>:</label><br /><?php esc_html_e( 'Enter an URL here, or upload a default logo to use on your invoices etc.', 'zero-bs-crm' ); ?></td>
 			<td style="width:540px">
-				<input style="width:90%;padding:10px;" name="wpzbscrm_invoicelogourl" id="wpzbscrm_invoicelogourl" class="form-control link" type="text" value="
-				<?php
-				if ( isset( $settings['invoicelogourl'] ) && ! empty( $settings['invoicelogourl'] ) ) {
-					echo esc_attr( $settings['invoicelogourl'] );}
-				?>
-				" />
+				<input style="width:90%;padding:10px;" name="wpzbscrm_invoicelogourl" id="wpzbscrm_invoicelogourl" class="form-control link" type="text" value="<?php echo empty( $settings['invoicelogourl'] ) ? '' : esc_attr( $settings['invoicelogourl'] ); ?>" />
 				<button id="wpzbscrm_invoicelogourlAdd" class="button" type="button"><?php esc_html_e( 'Upload Image', 'zero-bs-crm' ); ?></button>
 			</td>
 		</tr>
@@ -150,42 +140,22 @@
 
 		<tr>
 			<td class="wfieldname"><label for="businessyourname"><?php esc_html_e( 'Owner Name', 'zero-bs-crm' ); ?>:</label><br /><?php esc_html_e( 'The name of the business owner which will be shown on your invoices.', 'zero-bs-crm' ); ?></td>
-			<td style="width:540px"><input type="text" class="winput form-control" name="businessyourname" id="businessyourname" value="
-			<?php
-			if ( isset( $settings['businessyourname'] ) && ! empty( $settings['businessyourname'] ) ) {
-				echo esc_attr( $settings['businessyourname'] );}
-			?>
-			" placeholder="e.g. John Doe" /></td>
+			<td style="width:540px"><input type="text" class="winput form-control" name="businessyourname" id="businessyourname" value="<?php echo empty( $settings['businessyourname'] ) ? '' : esc_attr( $settings['businessyourname'] ); ?>" placeholder="e.g. John Doe" /></td>
 		</tr>
 
 		<tr>
 			<td class="wfieldname"><label for="businessyouremail"><?php esc_html_e( 'Business Contact Email', 'zero-bs-crm' ); ?>:</label></td>
-			<td style="width:540px"><input type="text" class="winput form-control" name="businessyouremail" id="businessyouremail" value="
-			<?php
-			if ( isset( $settings['businessyouremail'] ) && ! empty( $settings['businessyouremail'] ) ) {
-				echo esc_attr( $settings['businessyouremail'] );}
-			?>
-			" placeholder="e.g. [email protected]" /></td>
+			<td style="width:540px"><input type="text" class="winput form-control" name="businessyouremail" id="businessyouremail" value="<?php echo empty( $settings['businessyouremail'] ) ? '' : esc_attr( $settings['businessyouremail'] ); ?>" placeholder="e.g. [email protected]" /></td>
 		</tr>
 
 		<tr>
 			<td class="wfieldname"><label for="businessyoururl"><?php esc_html_e( 'Business Website URL', 'zero-bs-crm' ); ?>:</label></td>
-			<td style="width:540px"><input type="text" class="winput form-control" name="businessyoururl" id="businessyoururl" value="
-			<?php
-			if ( isset( $settings['businessyoururl'] ) && ! empty( $settings['businessyoururl'] ) ) {
-				echo esc_attr( $settings['businessyoururl'] );}
-			?>
-			" placeholder="e.g. https://example.com" /></td>
+			<td style="width:540px"><input type="text" class="winput form-control" name="businessyoururl" id="businessyoururl" value="<?php echo empty( $settings['businessyoururl'] ) ? '' : esc_attr( $settings['businessyoururl'] ); ?>" placeholder="e.g. https://example.com" /></td>
 		</tr>
 
 		<tr>
 			<td class="wfieldname"><label for="businesstel"><?php esc_html_e( 'Business Telephone Number', 'zero-bs-crm' ); ?>:</label></td>
-			<td style="width:540px"><input type="text" class="winput form-control" name="businesstel" id="businesstel" value="
-			<?php
-			if ( isset( $settings['businesstel'] ) && ! empty( $settings['businesstel'] ) ) {
-				echo esc_attr( $settings['businesstel'] );}
-			?>
-			" placeholder="" /></td>
+			<td style="width:540px"><input type="text" class="winput form-control" name="businesstel" id="businesstel" value="<?php echo empty( $settings['businesstel'] ) ? '' : esc_attr( $settings['businesstel'] ); ?>" placeholder="" /></td>
 		</tr>
 
 
@@ -209,32 +179,17 @@
 
 		<tr>
 			<td class="wfieldname"><label for="wpzbs_twitter"><?php esc_html_e( 'Twitter Handle', 'zero-bs-crm' ); ?>:</label></td>
-			<td style="width:540px"><input type="text" class="winput form-control" name="wpzbs_twitter" id="wpzbs_twitter" value="
-			<?php
-			if ( isset( $settings['twitter'] ) && ! empty( $settings['twitter'] ) ) {
-				echo esc_attr( $settings['twitter'] );}
-			?>
-			" placeholder="e.g. twitter (no @)" /></td>
+			<td style="width:540px"><input type="text" class="winput form-control" name="wpzbs_twitter" id="wpzbs_twitter" value="<?php echo empty( $settings['twitter'] ) ? '' : esc_attr( $settings['twitter'] ); ?>" placeholder="e.g. twitter (no @)" /></td>
 		</tr>
 
 		<tr>
 			<td class="wfieldname"><label for="wpzbs_facebook"><?php esc_html_e( 'Facebook Page', 'zero-bs-crm' ); ?>:</label></td>
-			<td style="width:540px"><input type="text" class="winput form-control" name="wpzbs_facebook" id="wpzbs_facebook" value="
-			<?php
-			if ( isset( $settings['facebook'] ) && ! empty( $settings['facebook'] ) ) {
-				echo esc_attr( $settings['facebook'] );}
-			?>
-			" placeholder="e.g. facebookpagename" /></td>
+			<td style="width:540px"><input type="text" class="winput form-control" name="wpzbs_facebook" id="wpzbs_facebook" value="<?php echo empty( $settings['facebook'] ) ? '' : esc_attr( $settings['facebook'] ); ?>" placeholder="e.g. facebookpagename" /></td>
 		</tr>
 
 		<tr>
 			<td class="wfieldname"><label for="wpzbs_linkedin"><?php esc_html_e( 'LinkedIn ID', 'zero-bs-crm' ); ?>:</label></td>
-			<td style="width:540px"><input type="text" class="winput form-control" name="wpzbs_linkedin" id="wpzbs_linkedin" value="
-			<?php
-			if ( isset( $settings['linkedin'] ) && ! empty( $settings['linkedin'] ) ) {
-				echo esc_attr( $settings['linkedin'] );}
-			?>
-			" placeholder="e.g. linkedinco" /></td>
+			<td style="width:540px"><input type="text" class="winput form-control" name="wpzbs_linkedin" id="wpzbs_linkedin" value="<?php echo empty( $settings['linkedin'] ) ? '' : esc_attr( $settings['linkedin'] ); ?>" placeholder="e.g. linkedinco" /></td>
 		</tr>
 		<?php // WLREMOVE ?>
 		<tr>

projects/plugins/crm/admin/settings/forms.page.php

@@ -98,21 +98,11 @@
 			</tr>
 			<tr>
 				<td class="wfieldname"><label for="wpzbscrm_gcaptchasitekey"><?php esc_html_e( 'reCaptcha Site Key', 'zero-bs-crm' ); ?></label><br /></td>
-				<td><input type="text" class="winput form-control" name="wpzbscrm_gcaptchasitekey" id="wpzbscrm_gcaptchasitekey" value="
-				<?php
-				if ( isset( $settings['gcaptchasitekey'] ) && ! empty( $settings['gcaptchasitekey'] ) ) {
-					echo esc_attr( $settings['gcaptchasitekey'] );}
-				?>
-				" placeholder="e.g. 6LekCyoTAPPPALWpHONFsRO5RQPOqoHfehdb4iqG" /></td>
+				<td><input type="text" class="winput form-control" name="wpzbscrm_gcaptchasitekey" id="wpzbscrm_gcaptchasitekey" value="<?php echo empty( $settings['gcaptchasitekey'] ) ? '' : esc_attr( $settings['gcaptchasitekey'] ); ?>" placeholder="e.g. 6LekCyoTAPPPALWpHONFsRO5RQPOqoHfehdb4iqG" /></td>
 			</tr>
 			<tr>
 				<td class="wfieldname"><label for="wpzbscrm_gcaptchasitesecret"><?php esc_html_e( 'reCaptcha Site Secret', 'zero-bs-crm' ); ?></label><br /></td>
-				<td><input type="text" class="winput form-control" name="wpzbscrm_gcaptchasitesecret" id="wpzbscrm_gcaptchasitesecret" value="
-				<?php
-				if ( isset( $settings['gcaptchasitesecret'] ) && ! empty( $settings['gcaptchasitesecret'] ) ) {
-					echo esc_attr( $settings['gcaptchasitesecret'] );}
-				?>
-				" placeholder="e.g. 6LekCyoTAAPPAJbQ1rq81117nMoo9y45fB3OLJVx" /></td>
+				<td><input type="text" class="winput form-control" name="wpzbscrm_gcaptchasitesecret" id="wpzbscrm_gcaptchasitesecret" value="<?php echo empty( $settings['gcaptchasitesecret'] ) ? '' : esc_attr( $settings['gcaptchasitesecret'] ); ?>" placeholder="e.g. 6LekCyoTAAPPAJbQ1rq81117nMoo9y45fB3OLJVx" /></td>
 			</tr>
 
 			</tbody>

projects/plugins/crm/admin/settings/general.page.php

@@ -529,25 +529,15 @@
 			<tr>
 				<td class="wfieldname"><label for="wpzbscrm_loginlogourl"><?php esc_html_e( 'Login Logo Override', 'zero-bs-crm' ); ?>:</label><br /><?php esc_html_e( 'Enter an URL here, or upload a logo to override the WordPress login logo!', 'zero-bs-crm' ); ?></td>
 				<td style="width:540px">
-					<input style="width:90%;padding:10px;" name="wpzbscrm_loginlogourl" id="wpzbscrm_loginlogourl" class="form-control link" type="text" value="
-					<?php
-					if ( isset( $settings['loginlogourl'] ) && ! empty( $settings['loginlogourl'] ) ) {
-						echo esc_attr( $settings['loginlogourl'] );}
-					?>
-					" />
+					<input style="width:90%;padding:10px;" name="wpzbscrm_loginlogourl" id="wpzbscrm_loginlogourl" class="form-control link" type="text" value="<?php echo empty( $settings['loginlogourl'] ) ? '' : esc_attr( $settings['loginlogourl'] ); ?>" />
 					<button id="wpzbscrm_loginlogourlAdd" class="button" type="button"><?php esc_html_e( 'Upload Image', 'zero-bs-crm' ); ?></button>
 				</td>
 			</tr>
 
 
 			<tr>
 				<td class="wfieldname"><label for="wpzbscrm_customheadertext"><?php esc_html_e( 'Custom CRM Header', 'zero-bs-crm' ); ?>:</label><br /><?php esc_html_e( 'Naming your CRM with the above \'Override WordPress\' option selected will show a custom header with that name', 'zero-bs-crm' ); ?></td>
-				<td><input type="text" class="winput form-control" name="wpzbscrm_customheadertext" id="wpzbscrm_customheadertext" value="
-				<?php
-				if ( isset( $settings['customheadertext'] ) && ! empty( $settings['customheadertext'] ) ) {
-					echo esc_attr( $settings['customheadertext'] );}
-				?>
-				" placeholder="e.g. <?php esc_html_e( 'Your CRM', 'zero-bs-crm' ); ?>" /></td>
+				<td><input type="text" class="winput form-control" name="wpzbscrm_customheadertext" id="wpzbscrm_customheadertext" value="<?php echo empty( $settings['customheadertext'] ) ? '' : esc_attr( $settings['customheadertext'] ); ?>" placeholder="e.g. <?php esc_html_e( 'Your CRM', 'zero-bs-crm' ); ?>" /></td>
 			</tr>
 
 			<tr>

projects/plugins/crm/admin/settings/invoicing.page.php

@@ -290,7 +290,7 @@
 				<td class="wfieldname">
 					<div class="ui teal label right floated"><i class="circle info icon link"></i>  <a href="<?php echo esc_url( $zbs->urls['kbtemplatefiles'] ); ?>" target="_blank"><?php esc_html_e( 'Read more', 'zero-bs-crm' ); ?></a></div>
 					<label for="inv_pdf_template"><?php esc_html_e( 'Invoice PDF Template', 'zero-bs-crm' ); ?>:</label><br />
-					<?php esc_html_e( 'Select a template for invoice PDFs.', 'zero-bs-crm' ); ?>                    
+					<?php esc_html_e( 'Select a template for invoice PDFs.', 'zero-bs-crm' ); ?>
 				</td>
 				<td>
 				<?php
@@ -330,23 +330,13 @@
 
 			<tr>
 				<td class="wfieldname"><label for="businessextra"><?php esc_html_e( 'Extra Invoice Info', 'zero-bs-crm' ); ?>:</label><br /><?php esc_html_e( 'This information is (optionally) added to your invoice', 'zero-bs-crm' ); ?></td>
-				<td style="width:540px"><textarea class="winput form-control" name="businessextra" id="businessextra"  placeholder="<?php esc_attr_e( 'e.g. Your Address', 'zero-bs-crm' ); ?>" >
-																																						<?php
-																																						if ( isset( $settings['businessextra'] ) && ! empty( $settings['businessextra'] ) ) {
-																																							echo wp_kses( $settings['businessextra'], $zbs->acceptable_restricted_html );}
-																																						?>
-				</textarea></td>
+				<td style="width:540px"><textarea class="winput form-control" name="businessextra" id="businessextra"  placeholder="<?php esc_attr_e( 'e.g. Your Address', 'zero-bs-crm' ); ?>" ><?php echo empty( $settings['businessextra'] ) ? '' : wp_kses( $settings['businessextra'], $zbs->acceptable_restricted_html ); ?></textarea></td>
 			</tr>
 
 
 			<tr>
 				<td class="wfieldname"><label for="paymentinfo"><?php esc_html_e( 'Payment Info', 'zero-bs-crm' ); ?>:</label><br /><?php esc_html_e( 'This information is (optionally) added to your invoice', 'zero-bs-crm' ); ?></td>
-				<td style="width:540px"><textarea class="winput form-control" name="paymentinfo" id="paymentinfo"  placeholder="<?php esc_attr_e( 'e.g. BACS details', 'zero-bs-crm' ); ?>" >
-																																					<?php
-																																					if ( isset( $settings['paymentinfo'] ) && ! empty( $settings['paymentinfo'] ) ) {
-																																						echo wp_kses( $settings['paymentinfo'], $zbs->acceptable_restricted_html );}
-																																					?>
-				</textarea></td>
+				<td style="width:540px"><textarea class="winput form-control" name="paymentinfo" id="paymentinfo"  placeholder="<?php esc_attr_e( 'e.g. BACS details', 'zero-bs-crm' ); ?>" ><?php echo empty( $settings['paymentinfo'] ) ? '' : wp_kses( $settings['paymentinfo'], $zbs->acceptable_restricted_html ); ?></textarea></td>
 			</tr>
 
 			<tr>
@@ -440,19 +430,14 @@
 
 			<tr>
 				<td class="wfieldname"><label for="zbsi_statementextra"><?php esc_html_e( 'Extra Statement Info', 'zero-bs-crm' ); ?>:</label><br /><?php esc_html_e( 'This information is (optionally) added to your statements (e.g. How to pay)', 'zero-bs-crm' ); ?></td>
-				<td style="width:540px"><textarea class="winput form-control" name="zbsi_statementextra" id="zbsi_statementextra"  placeholder="<?php esc_attr_e( 'e.g. BACS details', 'zero-bs-crm' ); ?>" >
-																																									<?php
-																																									if ( isset( $settings['statementextra'] ) && ! empty( $settings['statementextra'] ) ) {
-																																										echo wp_kses( $settings['statementextra'], $zbs->acceptable_restricted_html );}
-																																									?>
-				</textarea></td>
+				<td style="width:540px"><textarea class="winput form-control" name="zbsi_statementextra" id="zbsi_statementextra"  placeholder="<?php esc_attr_e( 'e.g. BACS details', 'zero-bs-crm' ); ?>" ><?php echo empty( $settings['statementextra'] ) ? '' : wp_kses( $settings['statementextra'], $zbs->acceptable_restricted_html ); ?></textarea></td>
 			</tr>
 
 			<tr>
 				<td class="wfieldname">
 					<div class="ui teal label right floated"><i class="circle info icon link"></i>  <a href="<?php echo esc_url( $zbs->urls['kbtemplatefiles'] ); ?>" target="_blank"><?php esc_html_e( 'Read more', 'zero-bs-crm' ); ?></a></div>
 					<label for="statement_pdf_template"><?php esc_html_e( 'Statement PDF Template', 'zero-bs-crm' ); ?>:</label><br />
-					<?php esc_html_e( 'Select a template for statement PDFs.', 'zero-bs-crm' ); ?>                    
+					<?php esc_html_e( 'Select a template for statement PDFs.', 'zero-bs-crm' ); ?>
 				</td>
 				<td>
 				<?php
@@ -484,24 +469,14 @@
 
 			<tr>
 				<td class="wfieldname"><label for="paythanks"><?php esc_html_e( 'Thank You', 'zero-bs-crm' ); ?>:</label><br /><?php esc_html_e( 'If text is specified, it will be shown after a user pays for their invoice via portal.', 'zero-bs-crm' ); ?></td>
-				<td style="width:540px"><textarea class="winput form-control" name="paythanks" id="paythanks"  placeholder="<?php esc_attr_e( 'e.g. Thank you for your custom. If you have any questions let us know', 'zero-bs-crm' ); ?>" >
-																																				<?php
-																																				if ( isset( $settings['paythanks'] ) && ! empty( $settings['paythanks'] ) ) {
-																																					echo wp_kses( $settings['paythanks'], $zbs->acceptable_restricted_html );}
-																																				?>
-				</textarea></td>
+				<td style="width:540px"><textarea class="winput form-control" name="paythanks" id="paythanks"  placeholder="<?php esc_attr_e( 'e.g. Thank you for your custom. If you have any questions let us know', 'zero-bs-crm' ); ?>" ><?php echo empty( $settings['paythanks'] ) ? '' : wp_kses( $settings['paythanks'], $zbs->acceptable_restricted_html ); ?></textarea></td>
 			</tr>
 
 			<tr>
 				<td colspan="2">
 					<p style="text-align:center"><?php esc_html_e( 'Looking for easy-access link settings? You can turn configure those via the Client Portal settings page.', 'zero-bs-crm' ); ?></p>
 					<p style="text-align:center">
-						<a href="
-						<?php
-						echo jpcrm_esc_link( $zbs->slugs['settings'] );
-						echo '&tab=clients';
-						?>
-						" class="ui mini button blue"><?php esc_html_e( 'View Client Portal Settings', 'zero-bs-crm' ); ?></a>
+						<a href="<?php echo jpcrm_esc_link( $zbs->slugs['settings'] ); ?>&tab=clients" class="ui mini button blue"><?php esc_html_e( 'View Client Portal Settings', 'zero-bs-crm' ); ?></a>
 						<?php // WLREMOVE ?>
 						<a href="<?php echo esc_url( $zbs->urls['easyaccessguide'] ); ?>" target="_blank" class="ui mini button green"><?php esc_html_e( 'View Easy-Access Links Guide', 'zero-bs-crm' ); ?></a>
 						<?php // /WLREMOVE ?>