Merge pull request #638 from CleanTalk/psc_on_plugins_list.ag

Upd. Vulnerability Alarm. Show badge for PSC safe plugins on the installed plugins list.

Author: alexandergull

css/spbc-admin.min.css

@@ -148,19 +148,32 @@ span.green_dot{
 #spbct-upload-checker-details li:nth-child(2n+1) {
 	background: #CCC;
 }
+
+/*--------Vulnerability alarm section--------*/
+
 .plugins .update + .spbc-vulnerable-notice td {
 	box-shadow: none !important;
 }
 .themes .spbc-vulnerable-notice {
 	top: auto;
 	bottom: 45px;
 }
+/*Badge itself*/
 .spbct-safe-extension-badge {
 	cursor: pointer;
 }
+		.spbct-safe-extension-badge[data-type="installed_plugins"] {
+			display: inline-flex;
+			position: relative;
+			min-width: 100px;
+		}
+
+/*Description placeholder*/
 .spbct-safe-extension-badge-description-placeholder {
 	position: relative;
 }
+
+/*Description body*/
 .spbct-safe-extension-badge-description {
 	display: none;
 	position: absolute;
@@ -169,11 +182,59 @@ span.green_dot{
 	color: white;
 	text-align: center;
 	top: 2px;
-	right: 0;
-	padding: 5px;
+	padding: 10px;
 	animation: fadeInFromNone 0.3s ease-in-out;
 	z-index: 9999;
+	width: max-content;
+}
+		.spbct-safe-extension-badge-description[data-type="installed_plugins"] {
+			top: 20px;
+			left: -18px;
+		}
+		.spbct-safe-extension-badge-description[data-type="before_install"] {
+			top: -1px;
+			right: 0;
+		}
+
+/*Description body angle*/
+.spbct-safe-extension-badge-description:before {
+	content: '';
+	position: absolute;
+	top: -9px;
+	border: 5px solid transparent;
+	border-bottom: 5px solid rgba(0, 0, 0, 0.5);
+}
+		.spbct-safe-extension-badge-description[data-type="installed_plugins"]:before {
+			left: 6px;
+		}
+		.spbct-safe-extension-badge-description[data-type="before_install"]:before {
+			right: 6px;
+		}
+/*Description body link style*/
+.spbct-safe-extension-badge-description > a {
+	color: white;
+	text-decoration: underline;
 }
+/*Description popup behavior for list of installed plugins*/
+.spbct-safe-extension-badge[data-type="installed_plugins"]:hover > .spbct-safe-extension-badge-description-placeholder[data-type="installed_plugins"] > .spbct-safe-extension-badge-description[data-type="installed_plugins"],
+.spbct-safe-extension-badge-description[data-type="installed_plugins"]:hover {
+	display: block;
+}
+/*Description popup behavior for search*/
+.spbct-safe-extension-badge[data-type="before_install"]:hover + .spbct-safe-extension-badge-description-placeholder[data-type="before_install"] > .spbct-safe-extension-badge-description[data-type="before_install"],
+.spbct-safe-extension-badge-description[data-type="before_install"]:hover {
+	display: block;
+}
+
+@media screen and (max-width: 600px) {
+	.spbct-safe-extension-badge-description[data-type="installed_plugins"]
+	{
+		min-width: unset;
+		width: unset;
+	}
+}
+
+/*Description popup animation rules*/
 @keyframes fadeInFromNone {
 	0% {
 		display: none;
@@ -188,22 +249,7 @@ span.green_dot{
 		opacity: 1;
 	}
 }
-.spbct-safe-extension-badge-description:before {
-	content: '';
-	position: absolute;
-    top: -10px;
-    right: 6px;
-	border: 5px solid transparent;
-	border-bottom: 5px solid rgba(0, 0, 0, 0.5);
-}
-.spbct-safe-extension-badge:hover + .spbct-safe-extension-badge-description-placeholder > .spbct-safe-extension-badge-description,
-.spbct-safe-extension-badge-description:hover{
-	display: block;
-}
-.spbct-safe-extension-badge-description > a {
-	color: white;
-	text-decoration: underline;
-}
+
 
 #menu-settings {
 	position: relative;

css/src/spbc-admin.css

@@ -305,46 +305,39 @@ function spbc_plugin_list_show_vulnerability($plugin_file, $plugin_data, $_statu
 
 if (isset($spbc->settings['vulnerability_check__show_reports']) && $spbc->settings['vulnerability_check__show_reports'] == true) {
     add_filter('plugins_api_result', 'spbc_plugin_install_show_safety', 10, 3);
-    add_filter('plugin_row_meta', 'spbc_plugin_list_show_safety', 10, 3);
+    add_action('current_screen', 'spbc_plugin_list_add_psc_badge_buffer_handler', 1);
 }
 
 /**
- * Show safety link for plugins
- * @param array $links
- * @param string $file
- * @param array $plugin_data
- * @return array
- * @psalm-suppress UnusedParam
+ * Hook handler. Run buffer intercept to add PSC badges for any safe plugin.
+ * @param \WP_Screen $screen current_screen hook arg
+ * @return void
  */
-function spbc_plugin_list_show_safety($links, $file, $plugin_data)
+function spbc_plugin_list_add_psc_badge_buffer_handler($screen)
 {
-    global $spbc;
-
-    if (!isset($plugin_data, $plugin_data['slug'], $plugin_data['Version'])) {
-        return $links;
+    // exit if screen is not of plugins
+    if (!$screen || $screen->id !== 'plugins') {
+        return;
     }
 
-    $slug = $plugin_data['slug'];
-    $version = $plugin_data['Version'];
-
-    $report = VulnerabilityAlarmService::getItemReportStatic($slug, $version, true, false);
-
-    $do_show = (
-        isset($spbc->settings['vulnerability_check__show_reports']) &&
-        $spbc->settings['vulnerability_check__show_reports'] == true
-    );
-
-    if ($do_show && isset($report, $report->psc, $report->id, $slug)) {
-        $links[] = sprintf(
-            '<a href="https://research.cleantalk.org/reports/app/%s#%s" target="_blank" title="%s">%s</a>',
-            $slug,
-            $report->id,
-            $report->psc,
-            __('Security certified plugin', 'security-malware-firewall')
-        );
+    // exit if no PSC safe plugins found
+    $safe_plugins_data = VulnerabilityAlarm::getSafePlugins(get_plugins(), false);
+    if (empty($safe_plugins_data)) {
+        return;
     }
 
-    return $links;
+    // start buffering
+    ob_start(function ($html) use ($safe_plugins_data) {
+        $handler_result = VulnerabilityAlarmView::addPSCBadgeToInstalledPluginsList($html, $safe_plugins_data);
+        if (
+            is_array($handler_result) &&
+            empty($handler_result['error']) &&
+            !empty($handler_result['html'])
+        ) {
+            $html = $handler_result['html'];
+        }
+        return $html;
+    });
 }
 
 function spbc_plugin_install_show_safety($res, $action, $_args)

inc/spbc-admin.php

@@ -146,7 +146,7 @@ public function convertFileGetContentsToString($current_file_path)
                 }
             }
 
-            if ( $path && file_exists($path) ) {
+            if ( $path && file_exists($path) && is_file($path) ) {
                 // Delete tokens which contained the file_get_contents expression
                 for ( $i = $start_position; $i <= $closing_bracket_position; $i++ ) {
                     $this->tokens->unsetTokens($i);

lib/CleantalkSP/Common/Scanner/HeuristicAnalyser/Modules/Strings.php

@@ -0,0 +1,11 @@
+<div class="spbct-safe-extension-badge" data-tooltip="SPBCT safe plugin" data-type="installed_plugins">
+    &nbsp;
+        <img src="{{ASSETS_URL}}/approved_psc_small.svg"  alt="Approved"/>
+        <div class="spbct-safe-extension-badge-description-placeholder" data-type="installed_plugins">
+            <div class="spbct-safe-extension-badge-description" data-type="installed_plugins">
+                {{DESCRIPTION}}
+                <br>
+                {{MORE_DETAILS_LINK}}
+            </div>
+        </div>
+</div>

lib/CleantalkSP/SpbctWP/VulnerabilityAlarm/Assets/approved_psc_small.svg

@@ -1,8 +1,8 @@
-<div class="spbct-safe-extension-badge" data-tooltip="SPBCT safe plugin">
+<div class="spbct-safe-extension-badge" data-tooltip="SPBCT safe plugin" data-type="before_install">
     <img src="{{ASSETS_URL}}/approved_psc.svg"  alt="Approved"/>
 </div>
-<div class="spbct-safe-extension-badge-description-placeholder">
-    <div class="spbct-safe-extension-badge-description">
+<div class="spbct-safe-extension-badge-description-placeholder" data-type="before_install">
+    <div class="spbct-safe-extension-badge-description" data-type="before_install">
         {{DESCRIPTION}}
         <br>
         {{MORE_DETAILS_LINK}}

lib/CleantalkSP/SpbctWP/VulnerabilityAlarm/View/PluginIsSafeBadgeForInstalledPlugins.html

@@ -51,10 +51,10 @@ public static function sendReport()
      * @param string $research_url
      * @return string|null
      */
-    public static function showSafeBadge($module_type = 'plugin', $plugin_slug = '', $plugin_id = '', $psc_cert_name = '', $research_url = '')
+    public static function showSafeBadge($module_type = 'plugin', $plugin_slug = '', $plugin_id = '', $psc_cert_name = '', $research_url = '', $placed_on_installed_list = false)
     {
         if ( ! empty($psc_cert_name) ) {
-            return VulnerabilityAlarmView::showSafeBadgePSC($module_type, $plugin_slug, $plugin_id, $psc_cert_name, $research_url);
+            return VulnerabilityAlarmView::showSafeBadgePSC($module_type, $plugin_slug, $plugin_id, $psc_cert_name, $research_url, $placed_on_installed_list);
         }
         return null;
     }