magdev/wc-licensed-product
1
Fork 0
Code Issues Pull Requests Actions Releases 4 Activity

Prepare v0.1.0 release - code review and documentation updates

Browse Source 
- Conducted comprehensive security and best practices review
- Fixed VersionManager null format handling for attachment updates
- Improved input sanitization in AdminController for page context checks
- Updated README.md with complete feature documentation
- Updated CHANGELOG.md with 0.1.0 release notes
- Updated translations (.pot, .po, .mo files) to version 0.1.0
- Bumped version to 0.1.0 in plugin header and constant

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Marco Grätsch
2026-01-22 11:57:05 +01:00
parent d0c0756412
commit 5256f88815
9 changed files with 2640 additions and 1534 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Admin/AdminController.php
View File

@@ -105,7 +105,9 @@ final class AdminController
{
// Check for our pages and WooCommerce Reports page with licenses tab
$isLicensePage = in_array($hook, ['woocommerce_page_wc-licenses', 'woocommerce_page_wc-license-dashboard'], true);
$isReportsPage = $hook === 'woocommerce_page_wc-reports' && isset($_GET['tab']) && $_GET['tab'] === 'licenses';
// phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Only checking current page context
$currentTab = isset($_GET['tab']) ? sanitize_text_field(wp_unslash($_GET['tab'])) : '';
$isReportsPage = $hook === 'woocommerce_page_wc-reports' && $currentTab === 'licenses';
if (!$isLicensePage && !$isReportsPage) {
return;

16
src/Product/VersionManager.php
View File

@@ -167,8 +167,20 @@ class VersionManager
}
if ($attachmentId !== null) {
$data['attachment_id'] = $attachmentId > 0 ? $attachmentId : null;
$formats[] = $attachmentId > 0 ? '%d' : null;
if ($attachmentId > 0) {
$data['attachment_id'] = $attachmentId;
$formats[] = '%d';
} else {
// Set to NULL using raw SQL instead of adding to $data
global $wpdb;
$tableName = Installer::getVersionsTable();
$wpdb->query(
$wpdb->prepare(
"UPDATE {$tableName} SET attachment_id = NULL WHERE id = %d",
$versionId
)
);
}
}
if (empty($data)) {