richtabor/MerlinWP

Issues found by Theme Check plugin

Opened this issue · 1 comments

Hi Rich,

This is a fantastic plugin, great job!

The only issue I'm having is when I include it in a theme and run the Theme Check plugin, I get the following Warnings, most of which seem to be related to Monolog:

WARNING: Found exec in the file merlin/vendor/monolog/monolog/tests/Monolog/Processor/MercurialProcessorTest.php. PHP system calls are often disabled by server admins and should not be in themes.

Line24: exec('where hg 2>NUL', $output, $result);

Line26: exec('which hg 2>/dev/null >/dev/null', $output, $result);

WARNING: Found base64_encode in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/ChromePHPHandlerTest.php. base64_encode() is not allowed.

Line41: 'X-ChromeLogger-Data' => base64_encode(utf8_encode(json_encode(array(

Line75: 'X-ChromeLogger-Data' => base64_encode(utf8_encode(json_encode(array(

Line118: 'X-ChromeLogger-Data' => base64_encode(utf8_encode(json_encode(array(

WARNING: Found base64_encode in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/ChromePHPHandler.php. base64_encode() is not allowed.

Line138: $data = base64_encode(utf8_encode($json));

Line153: $data = base64_encode(utf8_encode($json));

WARNING: Found ->exec in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/RedisHandler.php. PHP system calls are often disabled by server admins and should not be in themes.

Line79: ->exec();

WARNING: pfsockopen was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/SocketHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line17: * Stores to any socket - uses fsockopen() or pfsockopen().

Line196: protected function pfsockopen()

Line198: return @pfsockopen($this->connectionString, -1, $this->errno, $this->errstr, $this-

Line276: $resource = $this->pfsockopen();

WARNING: fwrite was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Formatter/NormalizerFormatterTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line353: fwrite($resource, 'test_resource');

WARNING: fwrite was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/StreamHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line130: fwrite($stream, (string) $record['formatted']);

WARNING: fwrite was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/SocketHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line225: protected function fwrite($data)

Line227: return @fwrite($this->resource, $data);

Line300: $chunk = $this->fwrite($data);

Line302: $chunk = $this->fwrite(substr($data, $sent));

WARNING: fwrite was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/DeduplicationHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line156: fwrite($handle, $log);

WARNING: fsockopen was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/SocketHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line17: * Stores to any socket - uses fsockopen() or pfsockopen().

Line20: * @see http://php.net/manual/en/function.fsockopen.php

Line98: * @see http://php.net/manual/en/function.fsockopen.php

Line183: * UDP might appear to be connected but might fail when writing. See http://php.net/fsockopen for details.

Line196: protected function pfsockopen()

Line198: return @pfsockopen($this->connectionString, -1, $this->errno, $this->errstr, $this->

Line204: protected function fsockopen()

Line206: return @fsockopen($this->connectionString, -1, $this->errno, $this->errstr, $this->

Line276: $resource = $this->pfsockopen();

Line278: $resource = $this->fsockopen();

WARNING: fread was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/StreamHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line32: $this->assertEquals('testtest2test3', fread($handle, 100));

WARNING: fread was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/SocketHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line203: $this->assertEquals('test1test2test3', fread($this->res, 1024));

WARNING: fread was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/SlackHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line47: $content = fread($this->res, 1024);

Line57: $content = fread($this->res, 1024);

Line70: $content = fread($this->res, 1024);

Line76: $content2 = fread($this->res, 1024);

Line87: $content = fread($this->res, 1024);

Line100: $content = fread($this->res, 1024);

Line110: $content = fread($this->res, 1024);

WARNING: fread was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/PushoverHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line34: $content = fread($this->res, 1024);

Line54: $content = fread($this->res, 1024);

Line65: $content = fread($this->res, 1024);

Line77: $content = fread($this->res, 1024);

Line89: $content = fread($this->res, 1024);

Line99: $content = fread($this->res, 1024);

Line109: $content = fread($this->res, 1024);

WARNING: fread was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/LogEntriesHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line38: $content = fread($this->res, 1024);

Line54: $content = fread($this->res, 1024);

WARNING: fread was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/HipChatHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line32: $content = fread($this->res, 1024);

Line44: $content = fread($this->res, 1024);

Line56: $content = fread($this->res, 1024);

Line68: $content = fread($this->res, 1024);

Line80: $content = fread($this->res, 1024);

Line100: $content = fread($this->res, 1024);

Line136: $content = fread($this->res, 1024);

Line148: $content = fread($this->res, 1024);

Line158: $content = fread($this->res, 12000);

Line171: $content = fread($this->res, 1024);

Line200: $content = fread($this->res, 1024);

WARNING: fread was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/FlowdockHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line46: $content = fread($this->res, 1024);

WARNING: fread was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/SlackHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line160: @fread($res, 2048);

WARNING: fopen was found in the file merlin/vendor/psr/log/Psr/Log/Test/LoggerInterfaceTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line112: 'resource' => fopen('php://memory', 'r'),

WARNING: fopen was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/StreamHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line25: $handle = fopen('php://memory', 'a+');

Line40: $handle = fopen('php://memory', 'a+');

WARNING: fopen was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/SocketHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line278: $this->res = fopen('php://memory', 'a');

WARNING: fopen was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/SlackHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line132: $this->res = fopen('php://memory', 'a');

WARNING: fopen was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/PushoverHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line118: $this->res = fopen('php://memory', 'a');

WARNING: fopen was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/LogEntriesHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line63: $this->res = fopen('php://memory', 'a');

WARNING: fopen was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/HipChatHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line242: $this->res = fopen('php://memory', 'a');

WARNING: fopen was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/FlowdockHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line65: $this->res = fopen('php://memory', 'a');

WARNING: fopen was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Formatter/NormalizerFormatterTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line34: 'extra' => array('foo' => new TestFooNorm, 'bar' => new TestBarNorm, 'baz' => array(), 'res' => fopen('php://memory', 'rb')),

Line199: $resource = fopen(FILE, 'r');

Line352: $resource = fopen('php://memory', 'rw+');

WARNING: fopen was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Formatter/LineFormatterTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line116: 'extra' => array('foo' => new TestFoo, 'bar' => new TestBar, 'baz' => array(), 'res' => fopen('php://memory', 'rb')),

WARNING: fopen was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/StreamHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line100: $this->stream = fopen($this->url, 'a');

Line135: $this->errorMessage = preg_replace('{^(fopen|mkdir)(.*?): }', '', $msg);

WARNING: fopen was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/DeduplicationHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line140: $handle = fopen($this->deduplicationStore, 'rw+');

WARNING: file_put_contents was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/RotatingFileHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line197: file_put_contents($log, 'foo');

WARNING: file_put_contents was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/DeduplicationHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line167: file_put_contents($this->deduplicationStore, $record['datetime']->getTimest

WARNING: file_put_contents was found in the file merlin/includes/class-merlin-downloader.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line43: $saved_file = file_put_contents( $this->download_directory_path . $filename, $content );

WARNING: file_get_contents was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/RotatingFileHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line73: $this->assertEquals('test', file_get_contents($log));

Line104: $this->assertEquals('test', file_get_contents($log));

Line201: $this->assertEquals('footest', file_get_contents($log));

WARNING: file_get_contents was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/DeduplicationHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line133: file_get_contents(sys_get_temp_dir() . '/monolog_dedup.log')

Line154: file_get_contents(sys_get_temp_dir() . '/monolog_dedup.log')

WARNING: file_get_contents was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/CouchDBHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line60: if (false === @file_get_contents($url, null, $context)) {

WARNING: file_get_contents was found in the file merlin/includes/class-merlin-widget-importer.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line77: $data = file_get_contents( $file );

WARNING: file_get_contents was found in the file merlin/includes/class-merlin-redux-importer.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line25: $redux_options_raw_data = file_get_contents( $redux_item['file_path'] );

WARNING: file_get_contents was found in the file merlin/includes/class-merlin-customizer-importer.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line64: $raw = file_get_contents( $import_file_path );

WARNING: fclose was found in the file merlin/vendor/monolog/monolog/tests/Monolog/Handler/SocketHandlerTest.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line181: fclose($res);

WARNING: fclose was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/StreamHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line63: fclose($this->stream);

WARNING: fclose was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/SocketHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line78: fclose($this->resource);

WARNING: fclose was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/DeduplicationHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line160: fclose($handle);

WARNING: curl_init was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/SlackbotHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line72: $ch = curl_init();

WARNING: curl_init was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/SlackWebhookHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line83: $ch = curl_init();

WARNING: curl_init was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/MandrillHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line55: $ch = curl_init();

WARNING: curl_init was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/LogglyHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line87: $ch = curl_init();

WARNING: curl_init was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/IFTTTHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line58: $ch = curl_init();

WARNING: curl_init was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/CubeHandler.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line91: $this->httpConnection = curl_init('http://'.$this->host.':'.$this->port.'/1.0/event/put');

WARNING: curl_exec was found in the file merlin/vendor/monolog/monolog/src/Monolog/Handler/Curl/Util.php File operations should use the WP_Filesystem methods instead of direct PHP filesystem calls.

Line35: if (curl_exec($ch) === false) {

Any idea how to fix this? If so, might make it easier to get into .org themes, which would be a win for everyone involved.

Thanks!

Troy

las3r commented

It's quite simple, you are including testing files into a theme. I use a build script that will automatically create a build without these kind of files. I would suggest using a task runner to clean out these folders upon "release" and remove everything that isn't needed for MerlinWP to work. This is a bit overkill (and will require some debugging) but at this point it's the only way to do it.

As themeforest states (in case that's the marketplace you're looking at) your plugins and theme need to adhere to their standards, whether it's a vendor package (which this is) or not.