fix: validate orderby and order input params

[sapayth]

validate orderby and order input params for sorting a WP list table. details here.

for testers: please check the Transactions are showing, sorting properly in WP dashboard > WPUF > Transections menu

Summary by CodeRabbit

• Bug Fixes

  • Added validation for orderby and order parameters in transaction functions to prevent invalid values.

• Enhancements

  • Default sorting options introduced for completed and pending transactions.
  • Improved return types for transaction fetching functions to handle more scenarios.

[coderabbitai]

Walkthrough

The recent updates to wpuf-functions.php focus on enhancing the validation processes for the orderby and order parameters in the wpuf_get_completed_transactions and wpuf_get_pending_transactions functions. Additionally, support has been added for valid local variables $orderby and $order. The return types for wpuf_get_all_transactions were also expanded to include int and void for better handling of different result types.

Changes

File	Change Summary
wpuf-functions.php	Updated wpuf_get_completed_transactions and wpuf_get_pending_transactions to validate orderby and order parameters, added new local variables and modified return types.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant wpuf_get_completed_transactions
    participant wpuf_get_pending_transactions
    participant wpuf_get_all_transactions

    User->>wpuf_get_completed_transactions: Call with args
    wpuf_get_completed_transactions->>wpuf_get_completed_transactions: Validate `orderby` and `order`
    wpuf_get_completed_transactions-->>User: Return array|string

    User->>wpuf_get_pending_transactions: Call with args
    wpuf_get_pending_transactions->>wpuf_get_pending_transactions: Validate `orderby` and `order`
    wpuf_get_pending_transactions-->>User: Return array|int|void

    User->>wpuf_get_all_transactions: Call with args
    wpuf_get_all_transactions-->>User: Return array|int|void

Loading

Poem

In code we trust, transactions flow,
With order and sort, a cleaner show,
Pending or done, they march in line,
Improvements made, just in time.
Indeed, it's true, our code's refined,
With valid checks, it won't unwind.

---

Tip

Early access features: enabled

We are currently testing the following features in early access:

• OpenAI gpt-4o model for code reviews and chat: OpenAI claims that this model is better at understanding and generating code than the previous models. We seek your feedback over the next few weeks before making it generally available.

Note:

• You can enable or disable early access features from the CodeRabbit UI or by updating the CodeRabbit configuration file.
• Please join our Discord Community to provide feedback and report issues.
• OSS projects are currently opted into early access features by default.

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 92a12ae and 0995948.

Files selected for processing (1)

• wpuf-functions.php (5 hunks)

Additional comments not posted (5)

wpuf-functions.php (5)

2136-2142: Proper validation for orderby and order parameters.

The validation logic for orderby and order parameters ensures that only valid values are used, defaulting to 'id' and 'DESC' respectively if invalid values are provided.

---

2176-2182: Proper validation for orderby and order parameters.

The validation logic for orderby and order parameters ensures that only valid values are used, defaulting to 'id' and 'DESC' respectively if invalid values are provided.

---

2123-2124: LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to wpuf_get_completed_transactions match the new signature.

---

2243-2243: LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to wpuf_get_all_transactions match the new signature.

---

2163-2164: LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to wpuf_get_pending_transactions match the new signature.

Verification successful

---

Function calls to wpuf_get_pending_transactions are consistent with the new signature.

The following locations in the codebase have been verified:

• includes/Admin/List_Table_Transactions.php lines 88, 237, and 259.

Scripts executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Description: Verify all function calls to `wpuf_get_pending_transactions` match the new signature.

# Test: Search for the function usage. Expect: Only occurrences of the new signature.
rg --type php $'wpuf_get_pending_transactions'

Length of output: 488

---

---

Script:

#!/bin/bash
# Extract the lines where `wpuf_get_pending_transactions` is called in `includes/Admin/List_Table_Transactions.php`
rg --type php --line-number wpuf_get_pending_transactions includes/Admin/List_Table_Transactions.php

Length of output: 353

---

---

Script:

#!/bin/bash
# Extract context around the lines where `wpuf_get_pending_transactions` is called in `includes/Admin/List_Table_Transactions.php`
rg --type php --context 5 --line-number wpuf_get_pending_transactions includes/Admin/List_Table_Transactions.php

Length of output: 2040