James Griffin
ed49924f95
All checks were successful
CI / Coding Standards (push) Successful in 44s
CI / PHPStan (push) Successful in 49s
CI / Tests (PHP 8.1) (push) Successful in 54s
CI / Tests (PHP 8.2) (push) Successful in 51s
CI / Tests (PHP 8.3) (push) Successful in 39s
CI / No Debug Code (push) Successful in 3s
- Add phpcs.xml.dist: excludes PSR-4 file naming, camelCase naming, short array syntax, and redundant per-method/property docblocks - Fix wp_unslash() on all $_POST reads (LoginPage, AvailabilityController) - Add phpcs:ignore for password field (must not be sanitized) - Fix Yoda conditions throughout (AvailabilityRepository, AvailabilityEndpoint, BookingEndpoint, AvailabilityController) - Fix inline comments to end with full stops (AdminMenu) - Replace short ternary ?: with explicit full ternary (BookingEndpoint) - Rename $namespace param to $route_namespace (reserved keyword warning) - Add short descriptions to doc blocks that had tag-only blocks - Add nonce suppression comment in handleFormAction (nonce verified by caller) - Update composer.json and CI to use phpcs.xml.dist Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
50 lines
1.5 KiB
PHP
50 lines
1.5 KiB
PHP
<?php
|
|
declare(strict_types=1);
|
|
|
|
namespace Unsupervised\Schedular\Frontend;
|
|
|
|
class LoginPage {
|
|
|
|
/**
|
|
* Renders the student login shortcode output.
|
|
*
|
|
* @param array<string, string> $atts Shortcode attributes (unused — reserved for future options).
|
|
*/
|
|
public function render( array $atts ): string { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter.Found
|
|
if ( is_user_logged_in() ) {
|
|
$redirect = esc_url( (string) get_permalink() );
|
|
return sprintf(
|
|
'<p>%s <a href="%s">%s</a>.</p>',
|
|
esc_html__( 'You are already logged in.', 'unsupervised-schedular' ),
|
|
$redirect,
|
|
esc_html__( 'View available lessons', 'unsupervised-schedular' )
|
|
);
|
|
}
|
|
|
|
$error = '';
|
|
$redirect = sanitize_url( (string) get_permalink() );
|
|
|
|
if ( isset( $_POST['us_login'] ) && check_admin_referer( 'us_student_login' ) ) {
|
|
$credentials = [
|
|
'user_login' => sanitize_user( wp_unslash( $_POST['log'] ?? '' ) ),
|
|
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- passwords must not be sanitized.
|
|
'user_password' => wp_unslash( $_POST['pwd'] ?? '' ),
|
|
'remember' => isset( $_POST['rememberme'] ),
|
|
];
|
|
|
|
$user = wp_signon( $credentials, false );
|
|
|
|
if ( is_wp_error( $user ) ) {
|
|
$error = esc_html__( 'Invalid username or password.', 'unsupervised-schedular' );
|
|
} else {
|
|
wp_safe_redirect( $redirect );
|
|
exit;
|
|
}
|
|
}
|
|
|
|
ob_start();
|
|
include USC_PLUGIN_DIR . 'templates/frontend/login-page.php';
|
|
return (string) ob_get_clean();
|
|
}
|
|
}
|