Addressed PR feedback.

Author: iamdharmesh

includes/class-mailchimp-admin.php

@@ -11,11 +11,11 @@
 }
 
 /**
- * Class MailChimp_Admin
+ * Class Mailchimp_Admin
  *
  * @since x.x.x
  */
-class MailChimp_Admin {
+class Mailchimp_Admin {
 
 	/**
 	 * The OAuth base endpoint
@@ -125,11 +125,6 @@ public function finish_oauth_process() {
 			// Save the access token and data center.
 			$result = json_decode( $response['body'], true );
 			if ( $result && ! empty( $result['access_token'] ) && ! empty( $result['data_center'] ) ) {
-				// Clean up the old data.
-				delete_option( 'mailchimp_sf_access_token' );
-				delete_option( 'mailchimp_sf_auth_error' );
-				delete_option( 'mc_datacenter' );
-
 				delete_site_transient( 'mailchimp_sf_oauth_secret' );
 
 				// Verify the token.
@@ -172,12 +167,16 @@ public function verify_and_save_oauth_token( $access_token, $data_center ) {
 		// Might as well set this data if we have it already.
 		$valid_roles = array( 'owner', 'admin', 'manager' );
 		if ( isset( $user['role'] ) && in_array( $user['role'], $valid_roles, true ) ) {
-			$data_encryption = new MailChimp_Data_Encryption();
-			$access_token    = $data_encryption->encrypt( $access_token );
+			$data_encryption = new Mailchimp_Data_Encryption();
+
+			// Clean up the old data.
+			delete_option( 'mailchimp_sf_access_token' );
+			delete_option( 'mailchimp_sf_auth_error' );
+			delete_option( 'mc_datacenter' );
 
-			update_option( 'mailchimp_sf_access_token', $access_token );
-			update_option( 'mc_datacenter', $data_center );
-			update_option( 'mc_user', $user );
+			update_option( 'mailchimp_sf_access_token', $data_encryption->encrypt( $access_token ) );
+			update_option( 'mc_datacenter', sanitize_text_field( $data_center ) );
+			update_option( 'mc_user', $this->sanitize_data( $user ) );
 			return true;
 
 		} else {
@@ -192,24 +191,46 @@ public function verify_and_save_oauth_token( $access_token, $data_center ) {
 	 * @since x.x.x
 	 */
 	public function admin_notices() {
+		if (
+			! get_option( 'mailchimp_sf_auth_error', false ) ||
+			! current_user_can( 'manage_options' ) ||
+			! get_option( 'mailchimp_sf_access_token', '' )
+		) {
+			return;
+		}
+
 		// display a notice if the access token is invalid/revoked.
-		if ( get_option( 'mailchimp_sf_auth_error', false ) && current_user_can( 'manage_options' ) && get_option( 'mailchimp_sf_access_token', '' ) ) {
-			?>
-			<div class="notice notice-warning is-dismissible">
-				<p>
-					<?php
-					$message = sprintf(
-						/* translators: Placeholders: %1$s - <a> tag, %2$s - </a> tag */
-						__( 'Heads up! There may be a problem with your connection to Mailchimp. Please %1$sre-connect%2$s your Mailchimp account to fix the issue.', 'mailchimp' ),
-						'<a href="' . esc_url( admin_url( 'admin.php?page=mailchimp_sf_options' ) ) . '">',
-						'</a>'
-					);
-
-					echo wp_kses( $message, array( 'a' => array( 'href' => array() ) ) );
-					?>
-				</p>
-			</div>
-			<?php
+		?>
+		<div class="notice notice-warning is-dismissible">
+			<p>
+				<?php
+				$message = sprintf(
+					/* translators: Placeholders: %1$s - <a> tag, %2$s - </a> tag */
+					__( 'Heads up! There may be a problem with your connection to Mailchimp. Please %1$sre-connect%2$s your Mailchimp account to fix the issue.', 'mailchimp' ),
+					'<a href="' . esc_url( admin_url( 'admin.php?page=mailchimp_sf_options' ) ) . '">',
+					'</a>'
+				);
+
+				echo wp_kses( $message, array( 'a' => array( 'href' => array() ) ) );
+				?>
+			</p>
+		</div>
+		<?php
+	}
+
+	/**
+	 * Sanitize variables using sanitize_text_field.
+	 *
+	 * Arrays are sanitized recursively, Non-scalar values are ignored.
+	 *
+	 * @param string|array $data Data to sanitize.
+	 * @return string|array
+	 */
+	public function sanitize_data( $data ) {
+		if ( is_array( $data ) ) {
+			return array_map( array( $this, 'sanitize_data' ), $data );
+		} else {
+			return is_scalar( $data ) ? sanitize_text_field( $data ) : $data;
 		}
 	}
 }

includes/class-mailchimp-data-encryption.php

@@ -11,11 +11,11 @@
 }
 
 /**
- * Class MailChimp_Data_Encryption
+ * Class Mailchimp_Data_Encryption
  *
  * @since x.x.x
  */
-class MailChimp_Data_Encryption {
+class Mailchimp_Data_Encryption {
 
 	/**
 	 * Key to use for encryption.

js/admin.js

@@ -10,7 +10,7 @@
 	 *
 	 * @param {string} token - Token from the Oauth service.
 	 */
-	function openMailChimpOauthPopup(token) {
+	function openMailchimpOauthPopup(token) {
 		const startUrl = oauthBaseUrl + '/auth/start/' + token;
 		const width = 800;
 		const height = 600;
@@ -52,7 +52,7 @@
 						click() {
 							$(this).dialog('close');
 							$(spinner).addClass('is-active');
-							openMailChimpOauthPopup(token);
+							openMailchimpOauthPopup(token);
 						},
 						style: 'margin-left: 10px;',
 					},
@@ -134,7 +134,7 @@
 				function (response) {
 					if (response.success && response.data && response.data.token) {
 						// Open Mailchimp OAuth popup.
-						openMailChimpOauthPopup(response.data.token);
+						openMailchimpOauthPopup(response.data.token);
 					} else {
 						if (response.data && response.data.message) {
 							$(errorSelector).html(response.data.message);

mailchimp.php

@@ -63,7 +63,7 @@
 
 // Init Admin functions.
 require_once plugin_dir_path( __FILE__ ) . 'includes/class-mailchimp-admin.php';
-$admin = new MailChimp_Admin();
+$admin = new Mailchimp_Admin();
 $admin->init();
 
 /**
@@ -1416,7 +1416,7 @@ function mailchimp_sf_create_nonce( $action = -1 ) {
  */
 function mailchimp_sf_get_access_token() {
 	$access_token    = get_option( 'mailchimp_sf_access_token' );
-	$data_encryption = new MailChimp_Data_Encryption();
+	$data_encryption = new Mailchimp_Data_Encryption();
 
 	return $data_encryption->decrypt( $access_token );
 }

views/setup_page.php

@@ -72,11 +72,6 @@
 			<p class="oauth-error error_msg" style="display:none;"></p>
 			<div id="login-popup-blocked-modal" style="display:none;">
 				<p><?php esc_html_e( 'Please allow your browser to show popups for this page.', 'mailchimp' ); ?></p>
-				<div class="footer">
-					<a href="https://mailchimp.com/help/enable-pop-ups-in-your-browser/"><!--TODO: This link not working fix this. -->
-						<?php esc_html_e( 'How to Enable Pop-ups in Your Browser', 'mailchimp' ); ?>
-					</a>
-				</div>
 			</div>
 		</div>
 	</div>