thatguygriff
1d6ac46ba3
CI / No Debug Code (pull_request) Successful in 3s
CI / Tests (PHP 8.2) (pull_request) Successful in 48s
CI / Tests (PHP 8.3) (pull_request) Successful in 52s
CI / Coding Standards (pull_request) Successful in 57s
CI / Tests (PHP 8.1) (pull_request) Successful in 1m1s
CI / PHPStan (pull_request) Successful in 1m11s
CI / Build Plugin Zip (pull_request) Has been skipped
- Bump phpstan/phpstan ^2.0 and szepeviktor/phpstan-wordpress ^2.0 - Move the analysis level into phpstan.neon (single source) and raise it to 10 - Add Val, a runtime coercion helper that narrows untyped WordPress boundary values (wpdb rows, REST params, superglobals, options) with explicit checks instead of blind casts, plus unit tests - Type value-object fromRow() params as stdClass (what wpdb returns) and map columns through Val so unexpected shapes degrade safely - Use %i identifier placeholders for table names in all wpdb::prepare() calls so every query string is a literal and identifiers are escaped by WordPress; raises the minimum WordPress version to 6.2 where %i was introduced - Guard wpdb::prepare() null result before wpdb::query() in updateTax() - Fix nullable get_permalink()/strtotime() handling, list types at REST and capability call sites, dead null-coalescing on checked superglobals, and narrow get_users() results before mapping - Register Val method names with the ValidatedSanitizedInput sniff so it validates the real sanitizer around each superglobal read - Update repository unit tests for the %i placeholder arguments Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
88 lines
2.2 KiB
PHP
88 lines
2.2 KiB
PHP
<?php
|
|
declare(strict_types=1);
|
|
|
|
namespace Unsupervised\Schedular\Registration;
|
|
|
|
class QuestionRepository {
|
|
|
|
private string $table;
|
|
|
|
public function __construct( private \wpdb $db ) {
|
|
$this->table = $db->prefix . 'us_questions';
|
|
}
|
|
|
|
public function insert( Question $question ): int {
|
|
$this->db->insert(
|
|
$this->table,
|
|
$this->columns( $question ) + [ 'created_at' => current_time( 'mysql' ) ],
|
|
[ '%d', '%s', '%s', '%s', '%d', '%d', '%d', '%s' ]
|
|
);
|
|
|
|
return $this->db->insert_id;
|
|
}
|
|
|
|
public function update( int $id, Question $question ): bool {
|
|
return false !== $this->db->update(
|
|
$this->table,
|
|
$this->columns( $question ),
|
|
[ 'id' => $id ],
|
|
[ '%d', '%s', '%s', '%s', '%d', '%d', '%d' ],
|
|
[ '%d' ]
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Column values shared by insert and update (excludes created_at).
|
|
*
|
|
* @return array<string, mixed>
|
|
*/
|
|
private function columns( Question $question ): array {
|
|
return [
|
|
'offering_id' => $question->offeringId,
|
|
'label' => $question->label,
|
|
'field_type' => $question->fieldType,
|
|
'options' => null === $question->options ? null : (string) wp_json_encode( $question->options ),
|
|
'is_required' => $question->isRequired ? 1 : 0,
|
|
'sort_order' => $question->sortOrder,
|
|
'is_active' => $question->isActive ? 1 : 0,
|
|
];
|
|
}
|
|
|
|
/**
|
|
* Find questions for an offering, ordered for display.
|
|
*
|
|
* @return list<Question>
|
|
*/
|
|
public function findByOffering( int $offeringId, bool $activeOnly = false ): array {
|
|
$sql = 'SELECT * FROM %i WHERE offering_id = %d';
|
|
$params = [ $this->table, $offeringId ];
|
|
|
|
if ( $activeOnly ) {
|
|
$sql .= ' AND is_active = %d';
|
|
$params[] = 1;
|
|
}
|
|
|
|
$sql .= ' ORDER BY sort_order ASC, id ASC';
|
|
|
|
$rows = $this->db->get_results( $this->db->prepare( $sql, $params ) );
|
|
|
|
return array_map( Question::fromRow( ... ), $rows ?? [] );
|
|
}
|
|
|
|
public function findById( int $id ): ?Question {
|
|
$row = $this->db->get_row(
|
|
$this->db->prepare( 'SELECT * FROM %i WHERE id = %d', $this->table, $id )
|
|
);
|
|
|
|
return $row ? Question::fromRow( $row ) : null;
|
|
}
|
|
|
|
public function delete( int $id ): bool {
|
|
return (bool) $this->db->delete(
|
|
$this->table,
|
|
[ 'id' => $id ],
|
|
[ '%d' ]
|
|
);
|
|
}
|
|
}
|