Edit File by line

<?php

[0] Fix | Delete

[1] Fix | Delete

namespace Yoast\WP\SEO\Integrations\Front_End;

[2] Fix | Delete

[3] Fix | Delete

use WP_Query;

[4] Fix | Delete

use Yoast\WP\SEO\Conditionals\Front_End_Conditional;

[5] Fix | Delete

use Yoast\WP\SEO\Helpers\Options_Helper;

[6] Fix | Delete

use Yoast\WP\SEO\Helpers\Redirect_Helper;

[7] Fix | Delete

use Yoast\WP\SEO\Integrations\Integration_Interface;

[8] Fix | Delete

[9] Fix | Delete

/**

[10] Fix | Delete

* Class Crawl_Cleanup_Searches.

[11] Fix | Delete

[12] Fix | Delete

class Crawl_Cleanup_Searches implements Integration_Interface {

[13] Fix | Delete

[14] Fix | Delete

/**

[15] Fix | Delete

* Patterns to match against to find spam.

[16] Fix | Delete

[17] Fix | Delete

* @var array

[18] Fix | Delete

[19] Fix | Delete

private $patterns = [

[20] Fix | Delete

'/[：（）【】［］]+/u',

[21] Fix | Delete

'/(TALK|QQ)\:/iu',

[22] Fix | Delete

];

[23] Fix | Delete

[24] Fix | Delete

/**

[25] Fix | Delete

* The options helper.

[26] Fix | Delete

[27] Fix | Delete

* @var Options_Helper

[28] Fix | Delete

[29] Fix | Delete

private $options_helper;

[30] Fix | Delete

[31] Fix | Delete

/**

[32] Fix | Delete

* The redirect helper.

[33] Fix | Delete

[34] Fix | Delete

* @var Redirect_Helper

[35] Fix | Delete

[36] Fix | Delete

private $redirect_helper;

[37] Fix | Delete

[38] Fix | Delete

/**

[39] Fix | Delete

* Crawl_Cleanup_Searches integration constructor.

[40] Fix | Delete

[41] Fix | Delete

* @param Options_Helper $options_helper The option helper.

[42] Fix | Delete

* @param Redirect_Helper $redirect_helper The redirect helper.

[43] Fix | Delete

[44] Fix | Delete

public function __construct( Options_Helper $options_helper, Redirect_Helper $redirect_helper ) {

[45] Fix | Delete

$this->options_helper = $options_helper;

[46] Fix | Delete

$this->redirect_helper = $redirect_helper;

[47] Fix | Delete

}

[48] Fix | Delete

[49] Fix | Delete

/**

[50] Fix | Delete

* Initializes the integration.

[51] Fix | Delete

[52] Fix | Delete

* This is the place to register hooks and filters.

[53] Fix | Delete

[54] Fix | Delete

* @return void

[55] Fix | Delete

[56] Fix | Delete

public function register_hooks() {

[57] Fix | Delete

if ( $this->options_helper->get( 'search_cleanup' ) ) {

[58] Fix | Delete

\add_filter( 'pre_get_posts', [ $this, 'validate_search' ] );

[59] Fix | Delete

}

[60] Fix | Delete

if ( $this->options_helper->get( 'redirect_search_pretty_urls' ) && ! empty( \get_option( 'permalink_structure' ) ) ) {

[61] Fix | Delete

\add_action( 'template_redirect', [ $this, 'maybe_redirect_searches' ], 2 );

[62] Fix | Delete

}

[63] Fix | Delete

}

[64] Fix | Delete

[65] Fix | Delete

/**

[66] Fix | Delete

* Returns the conditionals based in which this loadable should be active.

[67] Fix | Delete

[68] Fix | Delete

* @return array The array of conditionals.

[69] Fix | Delete

[70] Fix | Delete

public static function get_conditionals() {

[71] Fix | Delete

return [ Front_End_Conditional::class ];

[72] Fix | Delete

}

[73] Fix | Delete

[74] Fix | Delete

/**

[75] Fix | Delete

* Check if we want to allow this search to happen.

[76] Fix | Delete

[77] Fix | Delete

* @param WP_Query $query The main query.

[78] Fix | Delete

[79] Fix | Delete

* @return WP_Query

[80] Fix | Delete

[81] Fix | Delete

public function validate_search( WP_Query $query ) {

[82] Fix | Delete

if ( ! $query->is_search() ) {

[83] Fix | Delete

return $query;

[84] Fix | Delete

}

[85] Fix | Delete

// First check against emoji and patterns we might not want.

[86] Fix | Delete

$this->check_unwanted_patterns( $query );

[87] Fix | Delete

[88] Fix | Delete

// Then limit characters if still needed.

[89] Fix | Delete

$this->limit_characters();

[90] Fix | Delete

[91] Fix | Delete

return $query;

[92] Fix | Delete

}

[93] Fix | Delete

[94] Fix | Delete

/**

[95] Fix | Delete

* Redirect pretty search URLs to the "raw" equivalent

[96] Fix | Delete

[97] Fix | Delete

* @return void

[98] Fix | Delete

[99] Fix | Delete

public function maybe_redirect_searches() {

[100] Fix | Delete

if ( ! \is_search() ) {

[101] Fix | Delete

return;

[102] Fix | Delete

}

[103] Fix | Delete

[104] Fix | Delete

// phpcs:ignore WordPress.Security.ValidatedSanitizedInput

[105] Fix | Delete

if ( isset( $_SERVER['REQUEST_URI'] ) && \stripos( $_SERVER['REQUEST_URI'], '/search/' ) === 0 ) {

[106] Fix | Delete

$args = [];

[107] Fix | Delete

[108] Fix | Delete

// phpcs:ignore WordPress.Security.ValidatedSanitizedInput

[109] Fix | Delete

$parsed = \wp_parse_url( $_SERVER['REQUEST_URI'] );

[110] Fix | Delete

[111] Fix | Delete

if ( ! empty( $parsed['query'] ) ) {

[112] Fix | Delete

\wp_parse_str( $parsed['query'], $args );

[113] Fix | Delete

}

[114] Fix | Delete

[115] Fix | Delete

$args['s'] = \get_search_query();

[116] Fix | Delete

[117] Fix | Delete

$proper_url = \home_url( '/' );

[118] Fix | Delete

[119] Fix | Delete

if ( \intval( \get_query_var( 'paged' ) ) > 1 ) {

[120] Fix | Delete

$proper_url .= \sprintf( 'page/%s/', \get_query_var( 'paged' ) );

[121] Fix | Delete

unset( $args['paged'] );

[122] Fix | Delete

}

[123] Fix | Delete

[124] Fix | Delete

$proper_url = \add_query_arg( \array_map( 'rawurlencode_deep', $args ), $proper_url );

[125] Fix | Delete

[126] Fix | Delete

if ( ! empty( $parsed['fragment'] ) ) {

[127] Fix | Delete

$proper_url .= '#' . \rawurlencode( $parsed['fragment'] );

[128] Fix | Delete

}

[129] Fix | Delete

[130] Fix | Delete

$this->redirect_away( 'We redirect pretty URLs to the raw format.', $proper_url );

[131] Fix | Delete

}

[132] Fix | Delete

}

[133] Fix | Delete

[134] Fix | Delete

/**

[135] Fix | Delete

* Check query against unwanted search patterns.

[136] Fix | Delete

[137] Fix | Delete

* @param WP_Query $query The main WordPress query.

[138] Fix | Delete

[139] Fix | Delete

* @return void

[140] Fix | Delete

[141] Fix | Delete

private function check_unwanted_patterns( WP_Query $query ) {

[142] Fix | Delete

$s = \rawurldecode( $query->query_vars['s'] );

[143] Fix | Delete

if ( $this->options_helper->get( 'search_cleanup_emoji' ) && $this->has_emoji( $s ) ) {

[144] Fix | Delete

$this->redirect_away( 'We don\'t allow searches with emojis and other special characters.' );

[145] Fix | Delete

}

[146] Fix | Delete

[147] Fix | Delete

if ( ! $this->options_helper->get( 'search_cleanup_patterns' ) ) {

[148] Fix | Delete

return;

[149] Fix | Delete

}

[150] Fix | Delete

foreach ( $this->patterns as $pattern ) {

[151] Fix | Delete

$outcome = \preg_match( $pattern, $s, $matches );

[152] Fix | Delete

if ( $outcome && $matches !== [] ) {

[153] Fix | Delete

$this->redirect_away( 'Your search matched a common spam pattern.' );

[154] Fix | Delete

}

[155] Fix | Delete

}

[156] Fix | Delete

}

[157] Fix | Delete

[158] Fix | Delete

/**

[159] Fix | Delete

* Redirect to the homepage for invalid searches.

[160] Fix | Delete

[161] Fix | Delete

* @param string $reason The reason for redirecting away.

[162] Fix | Delete

* @param string $to_url The URL to redirect to.

[163] Fix | Delete

[164] Fix | Delete

* @return void

[165] Fix | Delete

[166] Fix | Delete

private function redirect_away( $reason, $to_url = '' ) {

[167] Fix | Delete

if ( empty( $to_url ) ) {

[168] Fix | Delete

$to_url = \get_home_url();

[169] Fix | Delete

}

[170] Fix | Delete

[171] Fix | Delete

$this->redirect_helper->do_safe_redirect( $to_url, 301, 'Yoast Search Filtering: ' . $reason );

[172] Fix | Delete

}

[173] Fix | Delete

[174] Fix | Delete

/**

[175] Fix | Delete

* Limits the number of characters in the search query.

[176] Fix | Delete

[177] Fix | Delete

* @return void

[178] Fix | Delete

[179] Fix | Delete

private function limit_characters() {

[180] Fix | Delete

// We retrieve the search term unescaped because we want to count the characters properly. We make sure to escape it afterwards, if we do something with it.

[181] Fix | Delete

$unescaped_s = \get_search_query( false );

[182] Fix | Delete

[183] Fix | Delete

// We then unslash the search term, again because we want to count the characters properly. We make sure to slash it afterwards, if we do something with it.

[184] Fix | Delete

$raw_s = \wp_unslash( $unescaped_s );

[185] Fix | Delete

if ( \mb_strlen( $raw_s, 'UTF-8' ) > $this->options_helper->get( 'search_character_limit' ) ) {

[186] Fix | Delete

$new_s = \mb_substr( $raw_s, 0, $this->options_helper->get( 'search_character_limit' ), 'UTF-8' );

[187] Fix | Delete

\set_query_var( 's', \wp_slash( \esc_attr( $new_s ) ) );

[188] Fix | Delete

}

[189] Fix | Delete

}

[190] Fix | Delete

[191] Fix | Delete

/**

[192] Fix | Delete

* Determines if a text string contains an emoji or not.

[193] Fix | Delete

[194] Fix | Delete

* @param string $text The text string to detect emoji in.

[195] Fix | Delete

[196] Fix | Delete

* @return bool

[197] Fix | Delete

[198] Fix | Delete

private function has_emoji( $text ) {

[199] Fix | Delete

$emojis_regex = '/([^-\p{L}\x00-\x7F]+)/u';

[200] Fix | Delete

\preg_match( $emojis_regex, $text, $matches );

[201] Fix | Delete

[202] Fix | Delete

return ! empty( $matches );

[203] Fix | Delete

}

[204] Fix | Delete

}

[205] Fix | Delete

[206] Fix | Delete