Merge pull request #3684 from 10up/feature/validate-settings

Feature/validate settings
10up · Oct 18, 2023 · 5b8b5a1 · 5b8b5a1
2 parents b0fecdb + 0b9fa65
commit 5b8b5a1
Show file tree

Hide file tree

Showing 6 changed files with 338 additions and 85 deletions.
diff --git a/includes/classes/Screen.php b/includes/classes/Screen.php
@@ -51,6 +51,22 @@ class Screen {
 	 */
 	public $status_report;
 
+	/**
+	 * Dashboard instance
+	 *
+	 * @var Screen\Dashboard
+	 * @since  5.0.0
+	 */
+	public $dashboard;
+
+	/**
+	 * Settings instance
+	 *
+	 * @var Screen\Settings
+	 * @since  5.0.0
+	 */
+	public $settings;
+
 	/**
 	 * Initialize class
 	 *
@@ -63,11 +79,13 @@ public function setup() {
 		$this->health_info_screen = new Screen\HealthInfo();
 		$this->status_report      = new Screen\StatusReport();
 		$this->dashboard          = new Screen\Dashboard();
+		$this->settings           = new Screen\Settings();
 
 		$this->sync_screen->setup();
 		$this->health_info_screen->setup();
 		$this->status_report->setup();
 		$this->dashboard->setup();
+		$this->settings->setup();
 	}
 
 	/**

diff --git a/includes/classes/Screen/Settings.php b/includes/classes/Screen/Settings.php
@@ -0,0 +1,176 @@
+<?php
+/**
+ * Settings screen.
+ *
+ * @since 5.0.0
+ * @package ElasticPress
+ */
+
+namespace ElasticPress\Screen;
+
+use ElasticPress\Screen;
+use ElasticPress\Utils;
+
+defined( 'ABSPATH' ) || exit;
+
+/**
+ * Settings screen Class.
+ */
+class Settings {
+	/**
+	 * Previous language
+	 *
+	 * @var string
+	 */
+	protected $prev_ep_language = '';
+
+	/**
+	 * Previous URL host
+	 *
+	 * @var string
+	 */
+	protected $prev_ep_host = '';
+
+	/**
+	 * Previous credentials array
+	 *
+	 * @var array
+	 */
+	protected $prev_ep_credentials = [];
+
+	/**
+	 * Previous "Content Items per Index Cycle" setting
+	 *
+	 * @var int
+	 */
+	protected $prev_ep_bulk_setting = 350;
+
+	/**
+	 * Initialize class
+	 */
+	public function setup() {
+		add_action( 'admin_enqueue_scripts', [ $this, 'admin_enqueue_scripts' ] );
+		add_action( 'admin_init', [ $this, 'action_admin_init' ], 8 );
+	}
+
+	/**
+	 * Enqueue script
+	 */
+	public function admin_enqueue_scripts() {
+		if ( 'settings' !== Screen::factory()->get_current_screen() ) {
+			return;
+		}
+
+		wp_enqueue_script(
+			'ep_settings_scripts',
+			EP_URL . 'dist/js/settings-script.js',
+			Utils\get_asset_info( 'settings-script', 'dependencies' ),
+			Utils\get_asset_info( 'settings-script', 'version' ),
+			true
+		);
+
+		wp_set_script_translations( 'ep_settings_scripts', 'elasticpress' );
+	}
+
+	/**
+	 * Admin-init actions
+	 *
+	 * Sets up Settings API.
+	 */
+	public function action_admin_init() {
+		$post = wp_unslash( $_POST );
+
+		if ( empty( $post['ep_settings_nonce'] ) || ! wp_verify_nonce( $post['ep_settings_nonce'], 'elasticpress_settings' ) ) {
+			return;
+		}
+
+		$this->prev_ep_language     = Utils\get_language();
+		$this->prev_ep_host         = Utils\get_host();
+		$this->prev_ep_credentials  = Utils\get_epio_credentials();
+		$this->prev_ep_bulk_setting = Utils\get_option( 'ep_bulk_setting', 350 );
+
+		$language = sanitize_text_field( $post['ep_language'] );
+		Utils\update_option( 'ep_language', $language );
+
+		if ( isset( $post['ep_host'] ) ) {
+			$host = esc_url_raw( trim( $post['ep_host'] ) );
+			Utils\update_option( 'ep_host', $host );
+		}
+
+		if ( isset( $post['ep_credentials'] ) ) {
+			$credentials = ( isset( $post['ep_credentials'] ) ) ? Utils\sanitize_credentials( $post['ep_credentials'] ) : [
+				'username' => '',
+				'token'    => '',
+			];
+
+			Utils\update_option( 'ep_credentials', $credentials );
+		}
+
+		if ( isset( $post['ep_bulk_setting'] ) ) {
+			Utils\update_option( 'ep_bulk_setting', $this->sanitize_bulk_settings( $post['ep_bulk_setting'] ) );
+		}
+
+		$es_info = \ElasticPress\Elasticsearch::factory()->get_elasticsearch_info( true );
+		if ( empty( $es_info['version'] ) ) {
+			add_action( 'admin_notices', [ $this, 'add_validation_notice' ] );
+
+			unset( $_POST['ep_host'] ); // Needed to prevent going to the next installation step
+			$this->reset_settings();
+		}
+	}
+
+	/**
+	 * Add a notice to the Settings form when the host was not set yet
+	 */
+	public function add_validation_notice() {
+		$target = ( Utils\is_epio() ) ?
+			_x( 'ElasticPress.io account', 'Settings validation message', 'elasticpress' ) :
+			_x( 'Elasticsearch server', 'Settings validation message', 'elasticpress' );
+
+		if ( empty( $this->prev_ep_host ) ) {
+			// Setting it for the first time -- probably during the install process.
+			$message = sprintf(
+				/* translators: EP.io account or ES server. */
+				__( 'It was not possible to connect to your %s. Please check your settings and try again.', 'elasticpress' ),
+				$target
+			);
+		} else {
+			$message = sprintf(
+				/* translators: EP.io account or ES server. */
+				__( 'It was not possible to connect to your %s. Your settings were reverted.', 'elasticpress' ),
+				$target
+			);
+		}
+		?>
+		<div class="notice notice-error">
+			<p>
+				<?php echo wp_kses( $message, 'ep-html' ); ?>
+			</p>
+		</div>
+		<?php
+	}
+
+	/**
+	 * Sanitize bulk settings.
+	 *
+	 * @param int $bulk_settings Number of bulk content items
+	 * @return int
+	 */
+	protected function sanitize_bulk_settings( $bulk_settings = 350 ) {
+		$bulk_settings = absint( $bulk_settings );
+
+		return ( 0 === $bulk_settings ) ? 350 : $bulk_settings;
+	}
+
+	/**
+	 * Reset settings to their previous values
+	 */
+	protected function reset_settings() {
+		Utils\update_option( 'ep_language', $this->prev_ep_language );
+		Utils\update_option( 'ep_host', $this->prev_ep_host );
+		Utils\update_option( 'ep_credentials', $this->prev_ep_credentials );
+		Utils\update_option( 'ep_bulk_setting', $this->prev_ep_bulk_setting );
+
+		\ElasticPress\Elasticsearch::factory()->get_elasticsearch_info( true );
+	}
+}
diff --git a/includes/dashboard.php b/includes/dashboard.php
@@ -34,7 +34,6 @@ function setup() {
 
 	add_action( 'wp_ajax_ep_save_feature', __NAMESPACE__ . '\action_wp_ajax_ep_save_feature' );
 	add_action( 'admin_enqueue_scripts', __NAMESPACE__ . '\action_admin_enqueue_dashboard_scripts' );
-	add_action( 'admin_init', __NAMESPACE__ . '\action_admin_init' );
 	add_action( 'admin_init', __NAMESPACE__ . '\maybe_clear_es_info_cache' );
 	add_action( 'admin_init', __NAMESPACE__ . '\maybe_skip_install' );
 	add_action( 'wp_ajax_ep_notice_dismiss', __NAMESPACE__ . '\action_wp_ajax_ep_notice_dismiss' );
@@ -516,18 +515,6 @@ function action_admin_enqueue_dashboard_scripts() {
 		wp_localize_script( 'ep_dashboard_scripts', 'epDash', $data );
 	}
 
-	if ( in_array( Screen::factory()->get_current_screen(), [ 'settings' ], true ) ) {
-		wp_enqueue_script(
-			'ep_settings_scripts',
-			EP_URL . 'dist/js/settings-script.js',
-			Utils\get_asset_info( 'settings-script', 'dependencies' ),
-			Utils\get_asset_info( 'settings-script', 'version' ),
-			true
-		);
-
-		wp_set_script_translations( 'ep_settings_scripts', 'elasticpress' );
-	}
-
 	if ( in_array( Screen::factory()->get_current_screen(), [ 'health' ], true ) && ! empty( Utils\get_host() ) ) {
 		Stats::factory()->build_stats();
 
@@ -565,68 +552,6 @@ function action_admin_enqueue_dashboard_scripts() {
 	);
 }
 
-/**
- * Admin-init actions
- *
- * Sets up Settings API.
- *
- * @since 1.9
- * @return void
- */
-function action_admin_init() {
-	$post = wp_unslash( $_POST );
-
-	// Save options for multisite.
-	if ( defined( 'EP_IS_NETWORK' ) && EP_IS_NETWORK && isset( $post['ep_language'] ) ) {
-		check_admin_referer( 'elasticpress-options' );
-
-		$language = sanitize_text_field( $post['ep_language'] );
-		Utils\update_option( 'ep_language', $language );
-
-		if ( isset( $post['ep_host'] ) ) {
-			$host = esc_url_raw( trim( $post['ep_host'] ) );
-			Utils\update_option( 'ep_host', $host );
-		}
-
-		if ( isset( $post['ep_credentials'] ) ) {
-			$credentials = ( isset( $post['ep_credentials'] ) ) ? Utils\sanitize_credentials( $post['ep_credentials'] ) : [
-				'username' => '',
-				'token'    => '',
-			];
-
-			Utils\update_option( 'ep_credentials', $credentials );
-		}
-
-		if ( isset( $post['ep_bulk_setting'] ) ) {
-			Utils\update_option( 'ep_bulk_setting', intval( $post['ep_bulk_setting'] ) );
-		}
-	} else {
-		register_setting( 'elasticpress', 'ep_host', 'esc_url_raw' );
-		register_setting( 'elasticpress', 'ep_credentials', 'ep_sanitize_credentials' );
-		register_setting( 'elasticpress', 'ep_language', 'sanitize_text_field' );
-		register_setting(
-			'elasticpress',
-			'ep_bulk_setting',
-			[
-				'type'              => 'integer',
-				'sanitize_callback' => __NAMESPACE__ . '\sanitize_bulk_settings',
-			]
-		);
-	}
-}
-
-/**
- * Sanitize bulk settings.
- *
- * @param int $bulk_settings Number of bulk content items
- * @return int
- */
-function sanitize_bulk_settings( $bulk_settings = 350 ) {
-	$bulk_settings = absint( $bulk_settings );
-
-	return ( 0 === $bulk_settings ) ? 350 : $bulk_settings;
-}
-
 /**
  * Output current ElasticPress dashboard screen
  *

diff --git a/includes/partials/settings-page.php b/includes/partials/settings-page.php
@@ -15,14 +15,8 @@
 	exit; // Exit if accessed directly.
 }
 
-$action = 'options.php';
-
 $index_meta = IndexHelper::factory()->get_index_meta();
 
-if ( defined( 'EP_IS_NETWORK' ) && EP_IS_NETWORK ) {
-	$action = '';
-}
-
 $version = Elasticsearch::factory()->get_elasticsearch_version();
 
 $host        = Utils\get_host();
@@ -39,9 +33,8 @@
 <div class="wrap">
 	<h1><?php esc_html_e( 'Settings', 'elasticpress' ); ?></h1>
 
-	<form action="<?php echo esc_url( $action ); ?>" method="post" class="ep-settings">
-		<?php settings_fields( 'elasticpress' ); ?>
-		<?php settings_errors(); ?>
+	<form action="" method="post" class="ep-settings">
+		<?php wp_nonce_field( 'elasticpress_settings', 'ep_settings_nonce' ); ?>
 
 		<div class="ep-credentials">
 			<?php if ( ! $wpconfig ) : ?>