From 1a8a54c55bd17868a1abb614f95978a2147bde2d Mon Sep 17 00:00:00 2001
From: Nilambar Sharma <nilambar@outlook.com>
Date: Tue, 12 Dec 2023 11:55:15 +0545
Subject: [PATCH 1/2] Add Direct_DB_Queries_Check

---
 includes/Checker/Abstract_Check_Runner.php    |  1 +
 .../Checks/Direct_DB_Queries_Check.php        | 49 +++++++++++++++++++
 .../load.php                                  | 28 +++++++++++
 .../load.php                                  | 16 ++++++
 .../Checks/Direct_DB_Queries_Check_Tests.php  | 40 +++++++++++++++
 5 files changed, 134 insertions(+)
 create mode 100644 includes/Checker/Checks/Direct_DB_Queries_Check.php
 create mode 100644 tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-with-errors/load.php
 create mode 100644 tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-without-errors/load.php
 create mode 100644 tests/phpunit/tests/Checker/Checks/Direct_DB_Queries_Check_Tests.php

diff --git a/includes/Checker/Abstract_Check_Runner.php b/includes/Checker/Abstract_Check_Runner.php
index 7aa5df10e..dae77f257 100644
--- a/includes/Checker/Abstract_Check_Runner.php
+++ b/includes/Checker/Abstract_Check_Runner.php
@@ -555,6 +555,7 @@ private function register_checks() {
 				'late_escaping'              => new Checks\Late_Escaping_Check(),
 				'plugin_updater'             => new Checks\Plugin_Updater_Check(),
 				'plugin_review_phpcs'        => new Checks\Plugin_Review_PHPCS_Check(),
+				'direct_db_queries'          => new Checks\Direct_DB_Queries_Check(),
 				'performant_wp_query_params' => new Checks\Performant_WP_Query_Params_Check(),
 				'enqueued_scripts_in_footer' => new Checks\Enqueued_Scripts_In_Footer_Check(),
 				'plugin_readme'              => new Checks\Plugin_Readme_Check(),
diff --git a/includes/Checker/Checks/Direct_DB_Queries_Check.php b/includes/Checker/Checks/Direct_DB_Queries_Check.php
new file mode 100644
index 000000000..98639ab77
--- /dev/null
+++ b/includes/Checker/Checks/Direct_DB_Queries_Check.php
@@ -0,0 +1,49 @@
+<?php
+/**
+ * Class WordPress\Plugin_Check\Checker\Checks\Direct_DB_Queries_Check
+ *
+ * @package plugin-check
+ */
+
+namespace WordPress\Plugin_Check\Checker\Checks;
+
+use WordPress\Plugin_Check\Checker\Check_Categories;
+use WordPress\Plugin_Check\Traits\Stable_Check;
+
+/**
+ * Check for running WordPress direct DB queries sniffs.
+ *
+ * @since n.e.x.t
+ */
+class Direct_DB_Queries_Check extends Abstract_PHP_CodeSniffer_Check {
+
+	use Stable_Check;
+
+	/**
+	 * Gets the categories for the check.
+	 *
+	 * Every check must have at least one category.
+	 *
+	 * @since n.e.x.t
+	 *
+	 * @return array The categories for the check.
+	 */
+	public function get_categories() {
+		return array( Check_Categories::CATEGORY_SECURITY );
+	}
+
+	/**
+	 * Returns an associative array of arguments to pass to PHPCS.
+	 *
+	 * @since n.e.x.t
+	 *
+	 * @return array An associative array of PHPCS CLI arguments.
+	 */
+	protected function get_args() {
+		return array(
+			'extensions' => 'php',
+			'standard'   => 'WordPress',
+			'sniffs'     => 'WordPress.DB.DirectDatabaseQuery',
+		);
+	}
+}
diff --git a/tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-with-errors/load.php b/tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-with-errors/load.php
new file mode 100644
index 000000000..4f25b235c
--- /dev/null
+++ b/tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-with-errors/load.php
@@ -0,0 +1,28 @@
+<?php
+/**
+ * Plugin Name: Test Plugin direct DB queries with Errors
+ * Plugin URI: https://github.com/WordPress/plugin-check
+ * Description: Some plugin description.
+ * Requires at least: 6.0
+ * Requires PHP: 5.6
+ * Version: n.e.x.t
+ * Author: WordPress Performance Team
+ * Author URI: https://make.wordpress.org/performance/
+ * License: GPLv2 or later
+ * License URI: https://www.gnu.org/licenses/old-licenses/gpl-2.0.html
+ * Text Domain: test-plugin-direct-db-queries-with-errors
+ *
+ * @package test-plugin-direct-db-queries-with-errors
+ */
+
+/**
+ * File contains errors related to direct DB queries issues.
+ */
+
+global $wpdb;
+
+$column = $wpdb->get_col( 'SELECT X FROM Y WHERE Z = 1' );
+
+$autoload = $wpdb->get_var( $wpdb->prepare( "SELECT autoload FROM $wpdb->options WHERE option_name = %s", $option_name ) );
+
+$wpdb->update( $wpdb->posts, array( 'post_title' => 'Hello World' ), array( 'ID' => 1 ) );
diff --git a/tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-without-errors/load.php b/tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-without-errors/load.php
new file mode 100644
index 000000000..271c25c35
--- /dev/null
+++ b/tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-without-errors/load.php
@@ -0,0 +1,16 @@
+<?php
+/**
+ * Plugin Name: Test Plugin direct DB queries without Errors
+ * Plugin URI: https://github.com/WordPress/plugin-check
+ * Description: Some plugin description.
+ * Requires at least: 6.0
+ * Requires PHP: 5.6
+ * Version: n.e.x.t
+ * Author: WordPress Performance Team
+ * Author URI: https://make.wordpress.org/performance/
+ * License: GPLv2 or later
+ * License URI: https://www.gnu.org/licenses/old-licenses/gpl-2.0.html
+ * Text Domain: test-plugin-direct-db-queries-without-errors
+ *
+ * @package test-plugin-direct-db-queries-without-errors
+ */
diff --git a/tests/phpunit/tests/Checker/Checks/Direct_DB_Queries_Check_Tests.php b/tests/phpunit/tests/Checker/Checks/Direct_DB_Queries_Check_Tests.php
new file mode 100644
index 000000000..386d3fe30
--- /dev/null
+++ b/tests/phpunit/tests/Checker/Checks/Direct_DB_Queries_Check_Tests.php
@@ -0,0 +1,40 @@
+<?php
+/**
+ * Tests for the Direct_DB_Queries_Check class.
+ *
+ * @package plugin-check
+ */
+
+use WordPress\Plugin_Check\Checker\Check_Context;
+use WordPress\Plugin_Check\Checker\Check_Result;
+use WordPress\Plugin_Check\Checker\Checks\Direct_DB_Queries_Check;
+
+class Direct_DB_Queries_Check_Tests extends WP_UnitTestCase {
+
+	public function test_run_with_errors() {
+		$check         = new Direct_DB_Queries_Check();
+		$check_context = new Check_Context( UNIT_TESTS_PLUGIN_DIR . 'test-plugin-direct-db-queries-with-errors/load.php' );
+		$check_result  = new Check_Result( $check_context );
+
+		$check->run( $check_result );
+
+		$warnings = $check_result->get_warnings();
+
+		$this->assertNotEmpty( $warnings );
+		$this->assertArrayHasKey( 'load.php', $warnings );
+		$this->assertEquals( 6, $check_result->get_warning_count() );
+	}
+
+	public function test_run_without_errors() {
+		$check         = new Direct_DB_Queries_Check();
+		$check_context = new Check_Context( UNIT_TESTS_PLUGIN_DIR . 'test-plugin-direct-db-queries-without-errors/load.php' );
+		$check_result  = new Check_Result( $check_context );
+
+		$check->run( $check_result );
+
+		$warnings = $check_result->get_warnings();
+
+		$this->assertEmpty( $warnings );
+		$this->assertEquals( 0, $check_result->get_warning_count() );
+	}
+}

From 7fa609bbbe50573679c7b7c89d874dd7574a6bf6 Mon Sep 17 00:00:00 2001
From: Nilambar Sharma <nilambar@outlook.com>
Date: Wed, 3 Jan 2024 10:23:55 +0545
Subject: [PATCH 2/2] Assert zero errors in Direct DB tests

---
 .../load.php                                             | 4 ++++
 .../Checker/Checks/Direct_DB_Queries_Check_Tests.php     | 9 ++++++---
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-without-errors/load.php b/tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-without-errors/load.php
index 271c25c35..68c7e685f 100644
--- a/tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-without-errors/load.php
+++ b/tests/phpunit/testdata/plugins/test-plugin-direct-db-queries-without-errors/load.php
@@ -14,3 +14,7 @@
  *
  * @package test-plugin-direct-db-queries-without-errors
  */
+
+global $wpdb;
+
+echo $wpdb->insert_id;
diff --git a/tests/phpunit/tests/Checker/Checks/Direct_DB_Queries_Check_Tests.php b/tests/phpunit/tests/Checker/Checks/Direct_DB_Queries_Check_Tests.php
index 386d3fe30..c46026b21 100644
--- a/tests/phpunit/tests/Checker/Checks/Direct_DB_Queries_Check_Tests.php
+++ b/tests/phpunit/tests/Checker/Checks/Direct_DB_Queries_Check_Tests.php
@@ -19,10 +19,13 @@ public function test_run_with_errors() {
 		$check->run( $check_result );
 
 		$warnings = $check_result->get_warnings();
+		$errors   = $check_result->get_errors();
 
 		$this->assertNotEmpty( $warnings );
 		$this->assertArrayHasKey( 'load.php', $warnings );
 		$this->assertEquals( 6, $check_result->get_warning_count() );
+		$this->assertEmpty( $errors );
+		$this->assertEquals( 0, $check_result->get_error_count() );
 	}
 
 	public function test_run_without_errors() {
@@ -32,9 +35,9 @@ public function test_run_without_errors() {
 
 		$check->run( $check_result );
 
-		$warnings = $check_result->get_warnings();
-
-		$this->assertEmpty( $warnings );
+		$this->assertEmpty( $check_result->get_warnings() );
+		$this->assertEmpty( $check_result->get_errors() );
 		$this->assertEquals( 0, $check_result->get_warning_count() );
+		$this->assertEquals( 0, $check_result->get_error_count() );
 	}
 }