Skip to content

WP/AlternativeFunctions: add tests for namespaced names tests and fix handling of class functions/constants/properties #2617

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 3 commits into
base: develop
Choose a base branch
from
+50 −4
Open

WP/AlternativeFunctions: add tests for namespaced names tests and fix handling of class functions/constants/properties #2617

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
f51cb5d
WP/AlternativeFunctions: add tests for namespaced names
rodrigoprimo Aug 21, 2025
15c8cb7
WP/AlternativeFunctions: improve regex to distinguish global WP const…
rodrigoprimo Sep 16, 2025
e95a98f
WP/AlternativeFunctions: fix handling of FQN references to global str…
rodrigoprimo Nov 24, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 5 additions & 3 deletions WordPress/Sniffs/WP/AlternativeFunctionsSniff.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -283,7 +283,7 @@ public function process_matched_token( $stackPtr, $group_name, $matched_content
}

$contains_wp_path_constant = preg_match(
'`\b(?:ABSPATH|WP_(?:CONTENT|PLUGIN)_DIR|WPMU_PLUGIN_DIR|TEMPLATEPATH|STYLESHEETPATH|(?:MU)?PLUGINDIR)\b`',
'`(?<!->|::)\b(?:ABSPATH|WP_(?:CONTENT|PLUGIN)_DIR|WPMU_PLUGIN_DIR|TEMPLATEPATH|STYLESHEETPATH|(?:MU)?PLUGINDIR)\b`',
$filename_param['clean']
);
if ( 1 === $contains_wp_path_constant ) {
Expand All @@ -292,7 +292,7 @@ public function process_matched_token( $stackPtr, $group_name, $matched_content
}

$contains_wp_path_function_call = preg_match(
'`(?:get_home_path|plugin_dir_path|get_(?:stylesheet|template)_directory|wp_upload_dir)\s*\(`i',
'`(?<!->|::)(?:get_home_path|plugin_dir_path|get_(?:stylesheet|template)_directory|wp_upload_dir)\s*\(`i',
$filename_param['clean']
);
if ( 1 === $contains_wp_path_function_call ) {
Expand Down Expand Up @@ -353,7 +353,9 @@ public function process_matched_token( $stackPtr, $group_name, $matched_content
*/
protected function is_local_data_stream( $clean_param_value ) {

$stripped = TextStrings::stripQuotes( $clean_param_value );
$stripped = TextStrings::stripQuotes( $clean_param_value );
$clean_param_value = ltrim( $clean_param_value, '\\' );

if ( isset( $this->allowed_local_streams[ $stripped ] )
|| isset( $this->allowed_local_stream_constants[ $clean_param_value ] )
) {
Expand Down
35 changes: 34 additions & 1 deletion WordPress/Tests/WP/AlternativeFunctionsUnitTest.inc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ file_get_contents( $local_file, true ); // OK.
file_get_contents( $url, false ); // Warning.
file_get_contents(); // OK - no params, so nothing to do.
file_get_contents( 'http://remoteurl.com/file/?w=1' ); // Warning.
file_get_contents( 'https://wordpress.org' ); // Warning.
\file_GET_contents( 'https://wordpress.org' ); // Warning.
file_get_contents(ABSPATH . 'wp-admin/css/some-file.css'); // OK.
file_get_contents(MYABSPATH . 'plugin-file.json'); // Warning.
file_get_contents( MUPLUGINDIR . 'some-file.xml' ); // OK.
Expand Down Expand Up @@ -147,3 +147,36 @@ file_get_contents(
// Not using plugin_dir_path() for reasons.
$url
); // Warning.

/*
* Safeguard correct handling of all types of namespaced function calls
*/
\curl_init();
MyNamespace\parse_url( 'http://example.com/' );
\MyNamespace\json_encode( $data );
namespace\unlink(); // The sniff should start flagging this once it can resolve relative namespaces.
namespace\Sub\strip_tags( $string );

/*
* Safeguard that the sniff does not incorrectly ignore class methods/constants with the same
* name as WordPress global functions/constants when used in file_get_contents().
*/
file_get_contents( MyClass::wp_upload_dir() . 'subdir/file.inc' );
file_get_contents( $this->GET_HOME_PATH() . 'subdir/file.inc' );
file_get_contents( $this?->plugin_dir_path() . 'subdir/file.inc' );
file_get_contents( MyClass::ABSPATH . 'subdir/file.inc' );
file_get_contents( $this->WPMU_PLUGIN_DIR . 'subdir/file.inc' );
file_get_contents( $this?->TEMPLATEPATH . 'subdir/file.inc' );

/*
* Safeguard correct handling of namespaced variants of STDIN/STDOUT/STDERR constants.
*
* Note: passing stream resources to these functions is not valid PHP and will be addressed in
* https://github.com/WordPress/WordPress-Coding-Standards/issues/2602. These tests document the current behavior of the
* sniff.
*/
fopen( \STDIN, 'r' );
file_put_contents( MyNamespace\STDOUT, $data );
file_get_contents( \MyNamespace\STDIN );
file_put_contents( namespace\STDERR, $data ); // The sniff should not flag this once it can resolve relative namespaces.
readfile( namespace\Sub\STDIN );
11 changes: 11 additions & 0 deletions WordPress/Tests/WP/AlternativeFunctionsUnitTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,17 @@ public function getWarningList() {
131 => 1,
142 => 1,
146 => 1,
154 => 1,
164 => 1,
165 => 1,
166 => 1,
167 => 1,
168 => 1,
169 => 1,
179 => 1,
180 => 1,
181 => 1,
182 => 1,
);
}
}
Loading