WooCommerce Code Reference

ImportRunSql
in package
implements StepProcessor Uses UsePluginHelpers, UseWPFunctions

Processes SQL execution steps in the Blueprint.

Handles the execution of SQL queries with safety checks to prevent unauthorized modifications to sensitive WordPress data.

Interfaces, Classes and Traits

StepProcessor
Interface StepProcessor

Table of Contents

ALLOWED_QUERY_TYPES  = array('INSERT', 'UPDATE', 'REPLACE INTO')
List of allowed SQL query types.
$filesystem_initialized  : bool
Whether the filesystem has been initialized.
activate_plugin_by_slug()  : false|null|WP_Error
Activate a plugin by its slug.
check_step_capabilities()  : bool
Check if the current user has the required capabilities for this step.
deactivate_plugin_by_slug()  : bool
Deactivate a plugin by its slug.
delete_plugin_by_slug()  : bool|WP_Error
Deactivate and delete a plugin by its slug.
get_step_class()  : string
Returns the class name of the step this processor handles.
is_plugin_dir()  : bool
Check if a plugin with the specified slug is installed.
is_wp_error()  : bool
Checks if a variable is a WP_Error.
process()  : StepProcessorResult
Process the SQL execution step.
wp_activate_plugin()  : WP_Error|null
Activates a plugin.
wp_add_action()  : mixed
Adds an action to a specified tag.
wp_add_filter()  : mixed
Adds a filter to a specified tag.
wp_apply_filters()  : mixed
Calls the functions added to a filter hook.
wp_delete_plugins()  : array<string|int, mixed>|WP_Error|null
Deletes plugins.
wp_do_action()  : mixed
Executes the functions hooked on a specific action hook.
wp_download_url()  : string|WP_Error
Downloads a file from a URL.
wp_filesystem_get_contents()  : string|false
Alias for WP_Filesystem::get_contents().
wp_filesystem_put_contents()  : bool
Alias for WP_Filesystem::put_contents().
wp_get_current_user_id()  : int
Retrieves the current user's ID.
wp_get_option()  : mixed
Retrieves an option from the database.
wp_get_plugins()  : array<string|int, mixed>
Retrieves all plugins.
wp_get_theme()  : WP_Theme
Retrieves a theme.
wp_get_theme_root()  : string
Retrieves the root directory of the current theme.
wp_get_themes()  : array<string|int, mixed>
Retrieves all themes.
wp_init_filesystem()  : bool
Initializes the WordPress filesystem.
wp_is_plugin_active()  : bool
Checks if a plugin is active.
wp_plugins_api()  : object|WP_Error
Retrieves plugin information from the WordPress Plugin API.
wp_switch_theme()  : mixed
Switches the current theme.
wp_themes_api()  : object|WP_Error
Retrieves theme information from the WordPress Theme API.
wp_unzip_file()  : bool|WP_Error
Unzips a file to a specified location.
wp_update_option()  : bool
Updates an option in the database.
wp_upload_dir()  : array<string|int, mixed>
Retrieves the upload directory information.
affects_protected_tables()  : bool
Check if the SQL query affects protected user tables.
affects_user_capabilities()  : bool
Check if the SQL query affects user capabilities in wp_options.
contains_sql_injection_patterns()  : bool
Check for common SQL injection patterns.
contains_suspicious_comments()  : bool
Check for suspicious comment patterns that might hide malicious code.
is_allowed_query_type()  : bool
Check if the SQL query type is allowed.

Constants

Properties

Methods

activate_plugin_by_slug()

Activate a plugin by its slug.

public activate_plugin_by_slug(string $slug) : false|null|WP_Error

Searches for the plugin with the specified slug in the installed plugins and activates it.

Parameters
$slug : string

The slug of the plugin to activate.

Return values
false|null|WP_ErrorNull on success, WP_Error on invalid file, false if not found.

check_step_capabilities()

Check if the current user has the required capabilities for this step.

public check_step_capabilities(object $schema) : bool
Parameters
$schema : object

The schema to process.

Return values
boolTrue if the user has the required capabilities. False otherwise.

deactivate_plugin_by_slug()

Deactivate a plugin by its slug.

public deactivate_plugin_by_slug(string $slug) : bool

Searches for the plugin with the specified slug in the installed plugins and deactivates it.

Parameters
$slug : string

The slug of the plugin to deactivate.

Return values
boolTrue if the plugin was deactivated, false otherwise.

delete_plugin_by_slug()

Deactivate and delete a plugin by its slug.

public delete_plugin_by_slug(string $slug) : bool|WP_Error

Searches for the plugin with the specified slug in the installed plugins, deactivates it if active, and then deletes it.

Parameters
$slug : string

The slug of the plugin to delete.

Return values
bool|WP_ErrorTrue if the plugin was deleted, false otherwise.

is_plugin_dir()

Check if a plugin with the specified slug is installed.

public is_plugin_dir(string $slug) : bool
Parameters
$slug : string

The slug of the plugin to check.

Return values
bool

is_wp_error()

Checks if a variable is a WP_Error.

public is_wp_error(mixed $thing) : bool
Parameters
$thing : mixed

Variable to check.

Return values
boolTrue if the variable is a WP_Error, false otherwise.

process()

Process the SQL execution step.

public process(object $schema) : StepProcessorResult

Validates and executes the SQL query while ensuring:

  1. Only allowed query types are executed
  2. No modifications to admin users or roles
  3. No unauthorized changes to user capabilities
Parameters
$schema : object

The schema containing the SQL query to execute.

Return values
StepProcessorResultThe result of the SQL execution.

wp_activate_plugin()

Activates a plugin.

public wp_activate_plugin(string $plugin[, string $redirect = '' ][, bool $network_wide = false ][, bool $silent = false ]) : WP_Error|null
Parameters
$plugin : string

Path to the plugin file relative to the plugins directory.

$redirect : string = ''

Optional. URL to redirect to after activation.

$network_wide : bool = false

Optional. Whether to enable the plugin for all sites in the network.

$silent : bool = false

Optional. Whether to prevent calling activation hooks.

Return values
WP_Error|nullWP_Error on failure, null on success.

wp_add_action()

Adds an action to a specified tag.

public wp_add_action(string $tag, callable $function_to_add[, int $priority = 10 ][, int $accepted_args = 1 ]) : mixed
Parameters
$tag : string

The name of the action to hook the $function_to_add to.

$function_to_add : callable

The callback to be run when the action is triggered.

$priority : int = 10

Optional. Used to specify the order in which the functions associated with a particular action are executed. Default 10.

$accepted_args : int = 1

Optional. The number of arguments the function accepts. Default 1.

Return values
mixed

wp_add_filter()

Adds a filter to a specified tag.

public wp_add_filter(string $tag, callable $function_to_add[, int $priority = 10 ][, int $accepted_args = 1 ]) : mixed
Parameters
$tag : string

The name of the filter to hook the $function_to_add to.

$function_to_add : callable

The callback to be run when the filter is applied.

$priority : int = 10

Optional. Used to specify the order in which the functions associated with a particular action are executed. Default 10.

$accepted_args : int = 1

Optional. The number of arguments the function accepts. Default 1.

Return values
mixed

wp_apply_filters()

Calls the functions added to a filter hook.

public wp_apply_filters(string $tag, mixed $value) : mixed
Parameters
$tag : string

The name of the filter hook.

$value : mixed

The value on which the filters hooked to $tag are applied on.

Return values
mixedThe filtered value after all hooked functions are applied to it.

wp_delete_plugins()

Deletes plugins.

public wp_delete_plugins(array<string|int, mixed> $plugins) : array<string|int, mixed>|WP_Error|null
Parameters
$plugins : array<string|int, mixed>

List of plugins to delete.

Return values
array<string|int, mixed>|WP_Error|nullArray of results or WP_Error on failure, null if filesystem credentials are required to proceed.

wp_do_action()

Executes the functions hooked on a specific action hook.

public wp_do_action(string $tag, mixed ...$args) : mixed
Parameters
$tag : string

The name of the action to be executed.

$args : mixed

Optional. Additional arguments which are passed on to the functions hooked to the action.

Return values
mixed

wp_download_url()

Downloads a file from a URL.

public wp_download_url(string $url) : string|WP_Error
Parameters
$url : string

The URL of the file to download.

Return values
string|WP_ErrorThe local file path on success, WP_Error on failure.

wp_filesystem_get_contents()

Alias for WP_Filesystem::get_contents().

public wp_filesystem_get_contents(string $file_path) : string|false
Parameters
$file_path : string

The path to the file to read.

Return values
string|falseThe contents of the file, or false on failure.

wp_filesystem_put_contents()

Alias for WP_Filesystem::put_contents().

public wp_filesystem_put_contents(string $file_path, mixed $content) : bool
Parameters
$file_path : string

The path to the file to write.

$content : mixed

The data to write to the file.

Return values
boolTrue on success, false on failure.

wp_get_option()

Retrieves an option from the database.

public wp_get_option(string $option[, mixed $default_value = false ]) : mixed
Parameters
$option : string

Name of the option to retrieve.

$default_value : mixed = false

Optional. Default value to return if the option does not exist.

Return values
mixedValue of the option or $default if the option does not exist.

wp_get_plugins()

Retrieves all plugins.

public wp_get_plugins([string $plugin_folder = '' ]) : array<string|int, mixed>
Parameters
$plugin_folder : string = ''

Optional. Path to the plugin folder to scan.

Return values
array<string|int, mixed>Array of plugins.

wp_get_theme()

Retrieves a theme.

public wp_get_theme([string|null $stylesheet = null ]) : WP_Theme
Parameters
$stylesheet : string|null = null

Optional. The theme's stylesheet name.

Return values
WP_ThemeThe theme object.

wp_get_theme_root()

Retrieves the root directory of the current theme.

public wp_get_theme_root() : string
Return values
stringThe root directory of the current theme.

wp_get_themes()

Retrieves all themes.

public wp_get_themes([array<string|int, mixed> $args = array() ]) : array<string|int, mixed>
Parameters
$args : array<string|int, mixed> = array()

Optional. Arguments to pass to the API.

Return values
array<string|int, mixed>Array of themes.

wp_is_plugin_active()

Checks if a plugin is active.

public wp_is_plugin_active(string $plugin) : bool
Parameters
$plugin : string

Path to the plugin file relative to the plugins directory.

Return values
boolTrue if the plugin is active, false otherwise.

wp_plugins_api()

Retrieves plugin information from the WordPress Plugin API.

public wp_plugins_api(string $action[, array<string|int, mixed> $args = array() ]) : object|WP_Error
Parameters
$action : string

The type of information to retrieve from the API.

$args : array<string|int, mixed> = array()

Optional. Arguments to pass to the API.

Return values
object|WP_ErrorThe API response object or WP_Error on failure.

wp_switch_theme()

Switches the current theme.

public wp_switch_theme(string $name) : mixed
Parameters
$name : string

The name of the theme to switch to.

Return values
mixed

wp_themes_api()

Retrieves theme information from the WordPress Theme API.

public wp_themes_api(string $action[, array<string|int, mixed> $args = array() ]) : object|WP_Error
Parameters
$action : string

The type of information to retrieve from the API.

$args : array<string|int, mixed> = array()

Optional. Arguments to pass to the API.

Return values
object|WP_ErrorThe API response object or WP_Error on failure.

wp_unzip_file()

Unzips a file to a specified location.

public wp_unzip_file(string $path, string $to) : bool|WP_Error
Parameters
$path : string

Path to the ZIP file.

$to : string

Destination directory.

Return values
bool|WP_ErrorTrue on success, WP_Error on failure.

wp_update_option()

Updates an option in the database.

public wp_update_option(string $option, mixed $value[, string|null $autoload = null ]) : bool
Parameters
$option : string

Name of the option to update.

$value : mixed

New value for the option.

$autoload : string|null = null

Optional. Whether to load the option when WordPress starts up.

Return values
boolTrue if option was updated, false otherwise.

wp_upload_dir()

Retrieves the upload directory information.

public wp_upload_dir() : array<string|int, mixed>
Return values
array<string|int, mixed>Array of upload directory information.

affects_protected_tables()

Check if the SQL query affects protected user tables.

private affects_protected_tables(string $sql_content) : bool
Parameters
$sql_content : string

The SQL query to check.

Return values
boolTrue if the query affects protected tables, false otherwise.

affects_user_capabilities()

Check if the SQL query affects user capabilities in wp_options.

private affects_user_capabilities(string $sql_content) : bool
Parameters
$sql_content : string

The SQL query to check.

Return values
boolTrue if the query affects user capabilities, false otherwise.

contains_sql_injection_patterns()

Check for common SQL injection patterns.

private contains_sql_injection_patterns(string $sql_content) : bool
Parameters
$sql_content : string

The SQL query to check.

Return values
boolTrue if potential injection patterns found, false otherwise.

contains_suspicious_comments()

Check for suspicious comment patterns that might hide malicious code.

private contains_suspicious_comments(string $sql_content) : bool

This method detects various types of SQL comments that might be used to hide malicious SQL commands or bypass security filters.

Parameters
$sql_content : string

The SQL query to check.

Return values
boolTrue if suspicious comments found, false otherwise.

is_allowed_query_type()

Check if the SQL query type is allowed.

private is_allowed_query_type(string $sql_content) : bool
Parameters
$sql_content : string

The SQL query to check.

Return values
boolTrue if the query type is allowed, false otherwise.