代码优化

fatratcollect.php

@@ -292,13 +292,13 @@ function frc_write_log($string, $file_name = '')
         wp_send_json(['code' => 5003, 'msg' => '鼠友你好, 胖鼠采集目前要求php版本 > 7.1, 检测到你当前PHP版本为'.phpversion().'. 建议升级php版本, 或者请去胖鼠采集的Github下载使用胖鼠v5.6版本 分支名: based_php_5.6!']);
         wp_die();
     }
-    $interface_type = !empty($_REQUEST['interface_type']) ? sanitize_text_field($_REQUEST['interface_type']) : null;
+    $interface_type = frc_sanitize_text('interface_type', null);
     if (empty($interface_type)){
         wp_send_json(['code' => 5004, 'msg' => 'interface type not found error!']);
         wp_die();
     }
 
-    $action_func = !empty($_REQUEST['action_func']) ? sanitize_text_field($_REQUEST['action_func']) : '';
+    $action_func = frc_sanitize_text('action_func');
     if (empty($action_func)){
         wp_send_json(['code' => 5001, 'msg' => 'Parameter error!']);
         wp_die();

includes/fatrat-data-detail.php

@@ -44,16 +44,16 @@ public function data_paging($page_number = 1, $per_page = 10, $customvar = 'tota
         $sql = "SELECT * FROM $this->table_post";
 
         if (!empty($_REQUEST['option_id'])) {
-            $sql .= " where option_id = ".esc_sql($_REQUEST['option_id']);
+            $sql .= " where option_id = ".frc_sanitize_text('option_id');
         }
 
         if (in_array($customvar, array('1', '2', '3'))) {
             $sql .= " AND `status` = '$customvar'";
         }
 
         if (!empty($_REQUEST['orderby'])) {
-            $sql .= ' ORDER BY ' . esc_sql($_REQUEST['orderby']);
-            $sql .= !empty($_REQUEST['order']) ? ' ' . esc_sql($_REQUEST['order']) : ' ASC';
+            $sql .= ' ORDER BY ' . frc_sanitize_text('orderby');
+            $sql .= !empty($_REQUEST['order']) ? ' ' . frc_sanitize_text('order') : ' ASC';
         } else {
             $sql .= ' ORDER BY id DESC';
         }
@@ -74,7 +74,7 @@ public function record_count($customvar = 'total')
         $sql = "SELECT COUNT(*) FROM $this->table_post";
 
         if (!empty($_REQUEST['option_id'])) {
-            $sql .= " where option_id = ".esc_sql($_REQUEST['option_id']);
+            $sql .= " where option_id = ".frc_sanitize_text('option_id');
         }
 
         if (in_array($customvar, array('1', '2', '3'))) {
@@ -573,7 +573,7 @@ public function prepare_items()
         $sortable = $this->get_sortable_columns();
 
         //Retrieve $customvar for use in query to get items.
-        $customvar = (isset($_REQUEST['customvar']) ? sanitize_text_field($_REQUEST['customvar']) : 'total');
+        $customvar = frc_sanitize_text('customvar', 'total');
         $this->_column_headers = array($columns, $hidden, $sortable);
 
         /** Process bulk action */
@@ -594,7 +594,7 @@ public function prepare_items()
     public function get_views()
     {
         $views = array();
-        $current = (!empty($_REQUEST['customvar']) ? sanitize_text_field($_REQUEST['customvar']) : 'total');
+        $current = frc_sanitize_text('customvar', 'total');
 
         $class = 'total' === $current ? ' class="current"' : '';
         $total_url = remove_query_arg('customvar');
@@ -654,7 +654,7 @@ function frc_data_detail()
         return ;
     }
     $optionModel = new FRC_Options();
-    $option = $optionModel->option(esc_sql($_REQUEST['option_id']));
+    $option = $optionModel->option(frc_sanitize_text('option_id'));
     $release = json_decode($option['collect_release']);
     $categorys = get_categories(array('hide_empty' => false, 'order' => 'ASC', 'orderby' => 'id'));
     $users = get_users(array(

includes/fatrat-data.php

@@ -227,7 +227,7 @@ public function prepare_items()
         $sortable = $this->get_sortable_columns();
 
         //Retrieve $customvar for use in query to get items.
-        $customvar = (isset($_REQUEST['customvar']) ? sanitize_text_field($_REQUEST['customvar']) : 'total');
+        $customvar = frc_sanitize_text('customvar', 'total');
         $this->_column_headers = array($columns, $hidden, $sortable);
 
         /** Process bulk action */
@@ -248,7 +248,7 @@ public function prepare_items()
     public function get_views()
     {
         $views = array();
-        $current = (!empty($_REQUEST['customvar']) ? sanitize_text_field($_REQUEST['customvar']) : 'total');
+        $current = frc_sanitize_text('customvar', 'total');
 
         $class = 'total' === $current ? ' class="current"' : '';
         $total_url = remove_query_arg('customvar');

includes/fatrat-options-add-edit.php

@@ -16,7 +16,7 @@ function frc_options_add_edit()
     $option = null;
     $custom_content = null;
     $rule_link = $rule_title = $rule_content = $rule_paging = [];
-    $option_id = isset($_REQUEST['option_id']) ? sanitize_text_field($_REQUEST['option_id']): 0;
+    $option_id = frc_sanitize_text('option_id', 0);
     if ($option_id) {
         $options = new FRC_Options();
         $option = $options->option($option_id);

includes/fatrat-options.php

@@ -43,8 +43,8 @@ public function options_paging($page_number = 1, $per_page = 10, $customvar = 't
         }
 
         if (!empty($_REQUEST['orderby'])) {
-            $sql .= ' ORDER BY ' . esc_sql($_REQUEST['orderby']);
-            $sql .= !empty($_REQUEST['order']) ? ' ' . esc_sql($_REQUEST['order']) : ' ASC';
+            $sql .= ' ORDER BY ' . frc_sanitize_text('orderby');
+            $sql .= !empty($_REQUEST['order']) ? ' ' . frc_sanitize_text('order') : ' ASC';
         } else {
             $sql .= ' ORDER BY id DESC';
         }
@@ -760,7 +760,7 @@ public function prepare_items()
         $sortable = $this->get_sortable_columns();
 
         //Retrieve $customvar for use in query to get items.
-        $customvar = (isset($_REQUEST['customvar']) ? sanitize_text_field($_REQUEST['customvar']) : 'total');
+        $customvar = frc_sanitize_text('customvar', 'total');
         $this->_column_headers = array($columns, $hidden, $sortable);
 
         /** Process bulk action */
@@ -781,7 +781,7 @@ public function prepare_items()
     public function get_views()
     {
         $views = array();
-        $current = (!empty($_REQUEST['customvar']) ? sanitize_text_field($_REQUEST['customvar']) : 'total');
+        $current = frc_sanitize_text('customvar', 'total');
 
         $class = 'total' === $current ? ' class="current"' : '';
         $total_url = remove_query_arg('customvar');

includes/fatrat-spider.php

@@ -92,8 +92,8 @@ private function wx_url_format($urls){
      * @return array
      */
     public function grab_details_page(){
-        $urls       = !empty($_REQUEST['collect_details_urls']) ? sanitize_text_field($_REQUEST['collect_details_urls']) : '' ;
-        $option_id  = !empty($_REQUEST['collect_details_relus']) ? sanitize_text_field($_REQUEST['collect_details_relus']) : 0 ;
+        $urls       = frc_sanitize_text('collect_details_urls');
+        $option_id  = frc_sanitize_text('collect_details_relus', 0);
         if (empty($urls)){
             return ['code' => FRC_ApiError::FAIL, 'msg' => '链接不能为空'];
         }
@@ -116,7 +116,6 @@ public function grab_details_page(){
      */
     public function grab_list_page()
     {
-//        $option_id = !empty($_REQUEST['option_id']) ? sanitize_text_field($_REQUEST['option_id']) : 0;
         $option_id = frc_sanitize_text('option_id', 0);
 
         $options = new FRC_Options();
@@ -158,9 +157,8 @@ public function grab_list_page()
      */
     public function grab_history_page()
     {
-
-        $history_page_number    = !empty($_REQUEST['collect_history_page_number']) ? sanitize_text_field($_REQUEST['collect_history_page_number']) : '';
-        $option_id              = !empty($_REQUEST['collect_history_relus_id']) ? sanitize_text_field($_REQUEST['collect_history_relus_id']) : null;
+        $history_page_number    = frc_sanitize_text('collect_history_page_number');
+        $option_id              = frc_sanitize_text('collect_history_relus_id', null);
         if ($option_id === null){
             return ['code' => FRC_ApiError::FAIL, 'msg' => '请选择一个配置'];
         }
@@ -257,7 +255,7 @@ public function grab_history_page()
      */
     public function grab_all_page()
     {
-        $option_id = !empty($_REQUEST['option_id']) ? sanitize_text_field($_REQUEST['option_id']) : 0;
+        $option_id = frc_sanitize_text('option_id', 0);
 
         $options = new FRC_Options();
         $option = $options->option($option_id);