From 4bb19e4acacb784eb2cc47f4c998152ddec4db7e Mon Sep 17 00:00:00 2001 From: Ian Dunn Date: Thu, 3 May 2018 19:27:14 +0000 Subject: [PATCH] Privacy: Store plugin callbacks in associative array for flexibility. The personal data export and erasure tools allow plugins to register their own callbacks, in order to add additional data to the export and erasure processes. Previously, these were registered without specifying a constant identifier in the array of callbacks. Using mutable integers makes it difficult for plugins to modify the callbacks of other plugins, though. Using associative array keys instead provides a covenient and reliable way to identify and interact with another plugin's callbacks. Props desrosj, allendav, ocean90. Fixes #43931. git-svn-id: https://develop.svn.wordpress.org/trunk@43154 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-admin/includes/admin-filters.php | 2 +- src/wp-admin/includes/ajax-actions.php | 35 ++++++++++++++----------- src/wp-admin/includes/file.php | 3 ++- src/wp-includes/comment.php | 5 ++-- src/wp-includes/media.php | 2 +- src/wp-includes/user.php | 2 +- 6 files changed, 26 insertions(+), 23 deletions(-) diff --git a/src/wp-admin/includes/admin-filters.php b/src/wp-admin/includes/admin-filters.php index 30da2d0a56..f8ce8c9e9a 100644 --- a/src/wp-admin/includes/admin-filters.php +++ b/src/wp-admin/includes/admin-filters.php @@ -133,7 +133,7 @@ add_action( 'upgrader_process_complete', 'wp_update_plugins', 10, 0 ); add_action( 'upgrader_process_complete', 'wp_update_themes', 10, 0 ); // Privacy hooks -add_filter( 'wp_privacy_personal_data_export_page', 'wp_privacy_process_personal_data_export_page', 10, 6 ); +add_filter( 'wp_privacy_personal_data_export_page', 'wp_privacy_process_personal_data_export_page', 10, 7 ); add_action( 'wp_privacy_personal_data_export_file', 'wp_privacy_generate_personal_data_export_file', 10 ); // Privacy policy text changes check. diff --git a/src/wp-admin/includes/ajax-actions.php b/src/wp-admin/includes/ajax-actions.php index f6e152cc84..aea2543623 100644 --- a/src/wp-admin/includes/ajax-actions.php +++ b/src/wp-admin/includes/ajax-actions.php @@ -4409,24 +4409,24 @@ function wp_ajax_wp_privacy_export_personal_data() { wp_send_json_error( __( 'Exporter index out of range.' ) ); } - $index = $exporter_index - 1; - if ( $page < 1 ) { wp_send_json_error( __( 'Page index cannot be less than one.' ) ); } - $exporter = $exporters[ $index ]; + $exporter_keys = array_keys( $exporters ); + $exporter_key = $exporter_keys[ $exporter_index - 1 ]; + $exporter = $exporters[ $exporter_key ]; if ( ! is_array( $exporter ) ) { wp_send_json_error( - /* translators: %d: array index */ - sprintf( __( 'Expected an array describing the exporter at index %d.' ), $exporter_index ) + /* translators: %s: array index */ + sprintf( __( 'Expected an array describing the exporter at index %s.' ), $exporter_key ) ); } if ( ! array_key_exists( 'exporter_friendly_name', $exporter ) ) { wp_send_json_error( - /* translators: %d: array index */ - sprintf( __( 'Exporter array at index %d does not include a friendly name.' ), $exporter_index ) + /* translators: %s: array index */ + sprintf( __( 'Exporter array at index %s does not include a friendly name.' ), $exporter_key ) ); } if ( ! array_key_exists( 'callback', $exporter ) ) { @@ -4442,8 +4442,8 @@ function wp_ajax_wp_privacy_export_personal_data() { ); } - $callback = $exporters[ $index ]['callback']; - $exporter_friendly_name = $exporters[ $index ]['exporter_friendly_name']; + $callback = $exporter['callback']; + $exporter_friendly_name = $exporter['exporter_friendly_name']; $response = call_user_func( $callback, $email_address, $page ); if ( is_wp_error( $response ) ) { @@ -4495,8 +4495,9 @@ function wp_ajax_wp_privacy_export_personal_data() { * @param int $page The page for this response. * @param int $request_id The privacy request post ID associated with this request. * @param bool $send_as_email Whether the final results of the export should be emailed to the user. + * @param int $exporter_key The key (slug) of the exporter that provided this data. */ - $response = apply_filters( 'wp_privacy_personal_data_export_page', $response, $exporter_index, $email_address, $page, $request_id, $send_as_email ); + $response = apply_filters( 'wp_privacy_personal_data_export_page', $response, $exporter_index, $email_address, $page, $request_id, $send_as_email, $exporter_key ); if ( is_wp_error( $response ) ) { wp_send_json_error( $response ); @@ -4591,8 +4592,9 @@ function wp_ajax_wp_privacy_erase_personal_data() { wp_send_json_error( __( 'Page index cannot be less than one.' ) ); } - $index = $eraser_index - 1; // Convert to zero based for eraser index. - $eraser = $erasers[ $index ]; + $eraser_keys = array_keys( $erasers ); + $eraser_key = $eraser_keys[ $eraser_index - 1 ]; + $eraser = $erasers[ $eraser_key ]; if ( ! is_array( $eraser ) ) { /* translators: %d: array index */ @@ -4614,8 +4616,8 @@ function wp_ajax_wp_privacy_erase_personal_data() { wp_send_json_error( sprintf( __( 'Eraser array at index %d does not include a friendly name.' ), $eraser_index ) ); } - $callback = $erasers[ $index ]['callback']; - $eraser_friendly_name = $erasers[ $index ]['eraser_friendly_name']; + $callback = $eraser['callback']; + $eraser_friendly_name = $eraser['eraser_friendly_name']; $response = call_user_func( $callback, $email_address, $page ); @@ -4706,12 +4708,13 @@ function wp_ajax_wp_privacy_erase_personal_data() { * @since 4.9.6 * * @param array $response The personal data for the given exporter and page. - * @param int $exporter_index The index of the exporter that provided this data. + * @param int $eraser_index The index of the eraser that provided this data. * @param string $email_address The email address associated with this personal data. * @param int $page The page for this response. * @param int $request_id The privacy request post ID associated with this request. + * @param int $eraser_key The key (slug) of the eraser that provided this data. */ - $response = apply_filters( 'wp_privacy_personal_data_erasure_page', $response, $eraser_index, $email_address, $page, $request_id ); + $response = apply_filters( 'wp_privacy_personal_data_erasure_page', $response, $eraser_index, $email_address, $page, $request_id, $eraser_key ); if ( is_wp_error( $response ) ) { wp_send_json_error( $response ); diff --git a/src/wp-admin/includes/file.php b/src/wp-admin/includes/file.php index 6f93dfa8d3..f0f64cdbe3 100644 --- a/src/wp-admin/includes/file.php +++ b/src/wp-admin/includes/file.php @@ -2262,9 +2262,10 @@ All at ###SITENAME### * @param int $page The page of personal data for this exporter. Begins at 1. * @param int $request_id The request ID for this personal data export. * @param bool $send_as_email Whether the final results of the export should be emailed to the user. + * @param string $exporter_key The slug (key) of the exporter. * @return array The filtered response. */ -function wp_privacy_process_personal_data_export_page( $response, $exporter_index, $email_address, $page, $request_id, $send_as_email ) { +function wp_privacy_process_personal_data_export_page( $response, $exporter_index, $email_address, $page, $request_id, $send_as_email, $exporter_key ) { /* Do some simple checks on the shape of the response from the exporter. * If the exporter response is malformed, don't attempt to consume it - let it * pass through to generate a warning to the user by default ajax processing. diff --git a/src/wp-includes/comment.php b/src/wp-includes/comment.php index 884487d665..41a1dc3f9f 100644 --- a/src/wp-includes/comment.php +++ b/src/wp-includes/comment.php @@ -3285,7 +3285,7 @@ function wp_handle_comment_submission( $comment_data ) { * @return array $exporters An array of personal data exporters. */ function wp_register_comment_personal_data_exporter( $exporters ) { - $exporters[] = array( + $exporters['wordpress-comments'] = array( 'exporter_friendly_name' => __( 'WordPress Comments' ), 'callback' => 'wp_comments_personal_data_exporter', ); @@ -3390,7 +3390,7 @@ function wp_comments_personal_data_exporter( $email_address, $page = 1 ) { * @return array $erasers An array of personal data erasers. */ function wp_register_comment_personal_data_eraser( $erasers ) { - $erasers[] = array( + $erasers['wordpress-comments'] = array( 'eraser_friendly_name' => __( 'WordPress Comments' ), 'callback' => 'wp_comments_personal_data_eraser', ); @@ -3498,4 +3498,3 @@ function wp_comments_personal_data_eraser( $email_address, $page = 1 ) { 'done' => $done, ); } - diff --git a/src/wp-includes/media.php b/src/wp-includes/media.php index 3ff63e6aa4..c93c3dbabf 100644 --- a/src/wp-includes/media.php +++ b/src/wp-includes/media.php @@ -4102,7 +4102,7 @@ function wpview_media_sandbox_styles() { * @return array An array of personal data exporters. */ function wp_register_media_personal_data_exporter( $exporters ) { - $exporters[] = array( + $exporters['wordpress-media'] = array( 'exporter_friendly_name' => __( 'WordPress Media' ), 'callback' => 'wp_media_personal_data_exporter', ); diff --git a/src/wp-includes/user.php b/src/wp-includes/user.php index 1d86629262..93ad81348b 100644 --- a/src/wp-includes/user.php +++ b/src/wp-includes/user.php @@ -2834,7 +2834,7 @@ function _wp_privacy_action_request_types() { * @return array An array of personal data exporters. */ function wp_register_user_personal_data_exporter( $exporters ) { - $exporters[] = array( + $exporters['wordpress-user'] = array( 'exporter_friendly_name' => __( 'WordPress User' ), 'callback' => 'wp_user_personal_data_exporter', );