Add Direct_DB_Queries_Check

WordPress · Dec 12, 2023 · 7e2bfcb · 7e2bfcb
1 parent 0d76779
commit 7e2bfcb
Show file tree

Hide file tree

Showing 5 changed files with 134 additions and 0 deletions.
diff --git a/includes/Checker/Abstract_Check_Runner.php b/includes/Checker/Abstract_Check_Runner.php
@@ -555,6 +555,7 @@ private function register_checks() {
 				'late_escaping'              => new Checks\Late_Escaping_Check(),
 				'plugin_updater'             => new Checks\Plugin_Updater_Check(),
 				'plugin_review_phpcs'        => new Checks\Plugin_Review_PHPCS_Check(),
+				'direct_db_queries'          => new Checks\Direct_DB_Queries_Check(),
 				'performant_wp_query_params' => new Checks\Performant_WP_Query_Params_Check(),
 				'enqueued_scripts_in_footer' => new Checks\Enqueued_Scripts_In_Footer_Check(),
 				'plugin_readme'              => new Checks\Plugin_Readme_Check(),

diff --git a/includes/Checker/Checks/Direct_DB_Queries_Check.php b/includes/Checker/Checks/Direct_DB_Queries_Check.php
@@ -0,0 +1,49 @@
+<?php
+/**
+ * Class WordPress\Plugin_Check\Checker\Checks\Direct_DB_Queries_Check
+ *
+ * @package plugin-check
+ */
+
+namespace WordPress\Plugin_Check\Checker\Checks;
+
+use WordPress\Plugin_Check\Checker\Check_Categories;
+use WordPress\Plugin_Check\Traits\Stable_Check;
+
+/**
+ * Check for running WordPress direct DB queries sniffs.
+ *
+ * @since n.e.x.t
+ */
+class Direct_DB_Queries_Check extends Abstract_PHP_CodeSniffer_Check {
+
+	use Stable_Check;
+
+	/**
+	 * Gets the categories for the check.
+	 *
+	 * Every check must have at least one category.
+	 *
+	 * @since n.e.x.t
+	 *
+	 * @return array The categories for the check.
+	 */
+	public function get_categories() {
+		return array( Check_Categories::CATEGORY_SECURITY );
+	}
+
+	/**
+	 * Returns an associative array of arguments to pass to PHPCS.
+	 *
+	 * @since n.e.x.t
+	 *
+	 * @return array An associative array of PHPCS CLI arguments.
+	 */
+	protected function get_args() {
+		return array(
+			'extensions' => 'php',
+			'standard'   => 'WordPress',
+			'sniffs'     => 'WordPress.DB.DirectDatabaseQuery',
+		);
+	}
+}
diff --git a/tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-with-errors/load.php b/tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-with-errors/load.php
@@ -0,0 +1,28 @@
+<?php
+/**
+ * Plugin Name: Test Plugin direct DB queries with Errors
+ * Plugin URI: https://github.com/WordPress/plugin-check
+ * Description: Some plugin description.
+ * Requires at least: 6.0
+ * Requires PHP: 5.6
+ * Version: n.e.x.t
+ * Author: WordPress Performance Team
+ * Author URI: https://make.wordpress.org/performance/
+ * License: GPLv2 or later
+ * License URI: https://www.gnu.org/licenses/old-licenses/gpl-2.0.html
+ * Text Domain: test-plugin-direct-db-queries-with-errors
+ *
+ * @package test-plugin-direct-db-queries-with-errors
+ */
+
+/**
+ * File contains errors related to direct DB queries issues.
+ */
+
+global $wpdb;
+
+$column = $wpdb->get_col( 'SELECT X FROM Y WHERE Z = 1' );
+
+$autoload = $wpdb->get_var( $wpdb->prepare( "SELECT autoload FROM $wpdb->options WHERE option_name = %s", $option_name ) );
+
+$wpdb->update( $wpdb->posts, array( 'post_title' => 'Hello World' ), array( 'ID' => 1 ) );
diff --git a/tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-without-errors/load.php b/tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-without-errors/load.php
@@ -0,0 +1,16 @@
+<?php
+/**
+ * Plugin Name: Test Plugin direct DB queries without Errors
+ * Plugin URI: https://github.com/WordPress/plugin-check
+ * Description: Some plugin description.
+ * Requires at least: 6.0
+ * Requires PHP: 5.6
+ * Version: n.e.x.t
+ * Author: WordPress Performance Team
+ * Author URI: https://make.wordpress.org/performance/
+ * License: GPLv2 or later
+ * License URI: https://www.gnu.org/licenses/old-licenses/gpl-2.0.html
+ * Text Domain: test-plugin-direct-db-queries-without-errors
+ *
+ * @package test-plugin-direct-db-queries-without-errors
+ */
diff --git a/tests/phpunit/tests/Checker/Checks/Direct_DB_Queries_Check_Tests.php b/tests/phpunit/tests/Checker/Checks/Direct_DB_Queries_Check_Tests.php
@@ -0,0 +1,40 @@
+<?php
+/**
+ * Tests for the Direct_DB_Queries_Check class.
+ *
+ * @package plugin-check
+ */
+
+use WordPress\Plugin_Check\Checker\Check_Context;
+use WordPress\Plugin_Check\Checker\Check_Result;
+use WordPress\Plugin_Check\Checker\Checks\Direct_DB_Queries_Check;
+
+class Direct_DB_Queries_Check_Tests extends WP_UnitTestCase {
+
+	public function test_run_with_errors() {
+		$check         = new Direct_DB_Queries_Check();
+		$check_context = new Check_Context( UNIT_TESTS_PLUGIN_DIR . 'test-plugin-direct-db-queries-with-errors/load.php' );
+		$check_result  = new Check_Result( $check_context );
+
+		$check->run( $check_result );
+
+		$warnings = $check_result->get_warnings();
+
+		$this->assertNotEmpty( $warnings );
+		$this->assertArrayHasKey( 'load.php', $warnings );
+		$this->assertEquals( 6, $check_result->get_warning_count() );
+	}
+
+	public function test_run_without_errors() {
+		$check         = new Direct_DB_Queries_Check();
+		$check_context = new Check_Context( UNIT_TESTS_PLUGIN_DIR . 'test-plugin-direct-db-queries-without-errors/load.php' );
+		$check_result  = new Check_Result( $check_context );
+
+		$check->run( $check_result );
+
+		$warnings = $check_result->get_warnings();
+
+		$this->assertEmpty( $warnings );
+		$this->assertEquals( 0, $check_result->get_warning_count() );
+	}
+}