Improve template selection and fix email manager initialization

inc/admin-pages/class-broadcast-list-admin-page.php

@@ -294,7 +294,9 @@ public function render_add_new_broadcast_modal(): void {
 			],
 			'step_note'        => [
 				'type'              => 'note',
-				'desc'              => sprintf('<a href="#" class="wu-no-underline wu-mt-1 wu-uppercase wu-text-2xs wu-font-semibold wu-text-gray-600" v-show="step === 2" v-on:click.prevent="step = 1">%s</a>', __('&larr; Back to Type Selection', 'ultimate-multisite')),
+				'desc'              => function () {
+					printf('<a href="#" class="wu-no-underline wu-mt-1 wu-uppercase wu-text-2xs wu-font-semibold wu-text-gray-600" v-show="step === 2" v-on:click.prevent="step = 1">%s</a>', esc_html__('&larr; Back to Type Selection', 'ultimate-multisite'));
+				},
 				'wrapper_html_attr' => [
 					'v-show' => 'step === 2',
 				],
@@ -352,7 +354,9 @@ public function render_add_new_broadcast_modal(): void {
 			],
 			'step_note_2'      => [
 				'type'              => 'note',
-				'desc'              => sprintf('<a href="#" class="wu-no-underline wu-mt-1 wu-uppercase wu-text-2xs wu-font-semibold wu-text-gray-600" v-show="step === 3" v-on:click.prevent="step = 2">%s</a>', __('&larr; Back to Target Selection', 'ultimate-multisite')),
+				'desc'              => function () {
+					printf('<a href="#" class="wu-no-underline wu-mt-1 wu-uppercase wu-text-2xs wu-font-semibold wu-text-gray-600" v-show="step === 3" v-on:click.prevent="step = 2">%s</a>', esc_html__('&larr; Back to Target Selection', 'ultimate-multisite'));
+				},
 				'wrapper_html_attr' => [
 					'v-show' => 'step === 3',
 				],

inc/admin-pages/class-checkout-form-edit-admin-page.php

@@ -408,7 +408,9 @@ public function get_create_field_fields($attributes = []) {
 			'type_note'               => [
 				'type'              => 'note',
 				'order'             => 0,
-				'desc'              => sprintf('<a href="#" class="wu-no-underline wu-mt-1 wu-uppercase wu-text-2xs wu-font-semibold wu-text-gray-600" v-on:click.prevent="type = \'\'">%s</a>', __('&larr; Back to Field Type Selection', 'ultimate-multisite')),
+				'desc'              => function () {
+					printf('<a href="#" class="wu-no-underline wu-mt-1 wu-uppercase wu-text-2xs wu-font-semibold wu-text-gray-600" v-on:click.prevent="type = \'\'">%s</a>', esc_html__('&larr; Back to Field Type Selection', 'ultimate-multisite'));
+				},
 				'wrapper_html_attr' => [
 					'v-show'  => 'type && (!saved && !name)',
 					'v-cloak' => '1',

inc/admin-pages/class-customer-edit-admin-page.php

@@ -107,11 +107,11 @@ public function page_loaded() {
 		// Handle delete meta field action
 		if (isset($_GET['delete_meta_key']) && isset($_GET['_wpnonce'])) {
 			$meta_key = sanitize_key($_GET['delete_meta_key']);
-			$nonce    = sanitize_text_field($_GET['_wpnonce']);
+			$nonce    = sanitize_text_field(wp_unslash($_GET['_wpnonce']));
 
 			// Verify nonce for security
 			if ( ! wp_verify_nonce($nonce, 'delete_customer_meta_' . $meta_key)) {
-				wp_die(__('Security check failed. Please try again.', 'ultimate-multisite'));
+				wp_die(esc_html__('Security check failed. Please try again.', 'ultimate-multisite'));
 			}
 
 			$customer = $this->get_object();
@@ -586,10 +586,12 @@ public function generate_customer_meta_fields() {
 				'fields'            => [
 					'new_meta_remove'         => [
 						'type'            => 'note',
-						'desc'            => sprintf(
-							'<a title="%s" class="wu-no-underline wu-inline-block wu-text-gray-600" href="#" @click.prevent="() => new_meta_fields.splice(index, 1)"><span class="dashicons-wu-squared-cross"></span></a>',
-							__('Remove', 'ultimate-multisite')
-						),
+						'desc'            => function () {
+							printf(
+								'<a title="%s" class="wu-no-underline wu-inline-block wu-text-gray-600" href="#" v-on:click.prevent="() => new_meta_fields.splice(index, 1)"><span class="dashicons-wu-squared-cross"></span></a>',
+								esc_html__('Remove', 'ultimate-multisite')
+							);
+						},
 						'wrapper_classes' => 'wu-absolute wu-top-0 wu-right-0',
 					],
 					'new_meta_slug'           => [

inc/admin-pages/class-product-edit-admin-page.php

@@ -754,7 +754,14 @@ protected function get_product_option_sections() {
 					'fields'            => [
 						'price_variations_remove'        => [
 							'type'            => 'note',
-							'desc'            => sprintf('<a title="%s" class="wu-no-underline wu-inline-block wu-text-gray-600 wu-mt-2 wu-mr-2" href="#" @click.prevent="() => price_variations.splice(index, 1)"><span class="dashicons-wu-squared-cross"></span></a>', esc_html__('Remove', 'ultimate-multisite')),
+							'desc'            => function () {
+								printf(
+									'<a title="%s" class="wu-no-underline wu-inline-block wu-text-gray-600 wu-mt-2 wu-mr-2" href="#" v-on:click.prevent="() => price_variations.splice(index, 1)">
+										<span class="dashicons-wu-squared-cross"></span>
+									</a>',
+									esc_html__('Remove', 'ultimate-multisite')
+								);
+							},
 							'wrapper_classes' => 'wu-absolute wu-top-0 wu-right-0',
 						],
 						'price_variations_duration'      => [
@@ -921,13 +928,13 @@ protected function get_product_option_sections() {
 	 * @since 2.0.0
 	 *
 	 * @param \WP_Ultimo\Models\Product $product The product being edited.
-	 * @return string
+	 * @return void
 	 */
 	public function get_site_template_selection_list($product) {
 
 		$all_templates = wu_get_site_templates();
 
-		return wu_get_template_contents(
+		wu_get_template(
 			'limitations/site-template-selector',
 			[
 				'templates' => $all_templates,

inc/admin-pages/class-settings-admin-page.php

@@ -538,7 +538,7 @@ public function default_handler(): void {
 			if (isset($_POST[ $field ])) { // phpcs:ignore WordPress.Security.NonceVerification
 				$value = wp_unslash($_POST[ $field ]); // phpcs:ignore WordPress.Security.NonceVerification, WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
 				if (is_array($value)) {
-					$filtered_data[ $field ] = array_map('sanitize_text_field', $value);
+					$filtered_data[ $field ] = wu_clean($value);
 				} elseif ( ! empty($field_data['allow_html'])) {
 					$filtered_data[ $field ] = sanitize_post_field('post_content', $value, $this->get_id(), 'db');
 				} else {

inc/checkout/signup-fields/class-signup-field-period-selection.php

@@ -212,7 +212,9 @@ public function get_fields() {
 			'fields'            => [
 				'period_options_remove'        => [
 					'type'            => 'note',
-					'desc'            => sprintf('<a title="%s" class="wu-no-underline wu-inline-block wu-text-gray-600 wu-mt-2 wu-mr-2" href="#" @click.prevent="() => period_options.splice(index, 1)"><span class="dashicons-wu-squared-cross"></span></a>', __('Remove', 'ultimate-multisite')),
+					'desc'            => function () {
+						printf('<a title="%s" class="wu-no-underline wu-inline-block wu-text-gray-600 wu-mt-2 wu-mr-2" href="#" @click.prevent="() => period_options.splice(index, 1)"><span class="dashicons-wu-squared-cross"></span></a>', esc_html__('Remove', 'ultimate-multisite'));
+					},
 					'wrapper_classes' => 'wu-absolute wu-top-0 wu-right-0',
 				],
 				'period_options_duration'      => [

inc/checkout/signup-fields/class-signup-field-select.php

@@ -175,7 +175,9 @@ public function get_fields() {
 			'fields'            => [
 				'options_remove' => [
 					'type'            => 'note',
-					'desc'            => sprintf('<a title="%s" class="wu-no-underline wu-inline-block wu-text-gray-600 wu-mt-2 wu-mr-2" href="#" @click.prevent="() => options.splice(index, 1)"><span class="dashicons-wu-squared-cross"></span></a>', __('Remove', 'ultimate-multisite')),
+					'desc'            => function () {
+						printf('<a title="%s" class="wu-no-underline wu-inline-block wu-text-gray-600 wu-mt-2 wu-mr-2" href="#" @click.prevent="() => options.splice(index, 1)"><span class="dashicons-wu-squared-cross"></span></a>', esc_html__('Remove', 'ultimate-multisite'));
+					},
 					'wrapper_classes' => 'wu-absolute wu-top-0 wu-right-0',
 				],
 				'options_key'    => [

inc/class-api.php

@@ -229,7 +229,7 @@ public function add_settings(): void {
 			'api',
 			'api_note',
 			[
-				'desc'            => __('This is your API Key. You cannot change it directly. To reset the API key and secret, use the button "Refresh API credentials" below.', 'ultimate-multisite'),
+				'desc'            => fn() => esc_html__('This is your API Key. You cannot change it directly. To reset the API key and secret, use the button "Refresh API credentials" below.', 'ultimate-multisite'),
 				'type'            => 'note',
 				'classes'         => 'wu-text-gray-700 wu-text-xs',
 				'wrapper_classes' => 'wu-bg-white sm:wu-border-t-0 sm:wu-mt-0 sm:wu-pt-0',

inc/class-orphaned-tables-manager.php

@@ -112,34 +112,36 @@ public function render_orphaned_tables_delete_modal(): void {
 			return;
 		}
 
-		$table_list = '<div class="wu-max-h-32 wu-overflow-y-auto wu-bg-white wu-p-2 wu-border wu-rounded wu-mb-4">';
-		foreach ($orphaned_tables as $table) {
-			$table_list .= '<div class="wu-text-xs wu-font-mono wu-py-1">' . esc_html($table) . '</div>';
-		}
-		$table_list .= '</div>';
-
 		$fields = [
 			'confirmation' => [
 				'type'            => 'note',
-				'desc'            => sprintf(
-					'<div class="wu-p-4 wu-bg-red-100 wu-border wu-border-red-400 wu-text-red-700 wu-rounded">
+				'desc'            => function () use ($orphaned_tables, $table_count) {
+					printf(
+						'<div class="wu-p-4 wu-bg-red-100 wu-border wu-border-red-400 wu-text-red-700 wu-rounded">
 						<h3 class="wu-mt-0 wu-mb-2">%s</h3>
-						<p class="wu-mb-2">%s</p>
-						%s
-						<p class="wu-text-sm wu-mb-4">
-							<strong>%s</strong> %s
-						</p>
-					</div>',
-					sprintf(
+						<p class="wu-mb-2">%s</p>',
+						sprintf(
 						/* translators: %d: number of orphaned tables */
-						esc_html(_n('Confirm Deletion of %d Orphaned Table', 'Confirm Deletion of %d Orphaned Tables', $table_count, 'ultimate-multisite')),
-						$table_count
-					),
-					esc_html__('You are about to permanently delete the following database tables:', 'ultimate-multisite'),
-					$table_list,
-					esc_html__('Warning:', 'ultimate-multisite'),
-					esc_html__('This action cannot be undone. Please ensure you have a database backup before proceeding.', 'ultimate-multisite')
-				),
+							esc_html(_n('Confirm Deletion of %d Orphaned Table', 'Confirm Deletion of %d Orphaned Tables', $table_count, 'ultimate-multisite')),
+							esc_html($table_count)
+						),
+						esc_html__('You are about to permanently delete the following database tables:', 'ultimate-multisite'),
+					);
+
+					echo '<div class="wu-max-h-32 wu-overflow-y-auto wu-bg-white wu-p-2 wu-border wu-rounded wu-mb-4">';
+					foreach ($orphaned_tables as $table) {
+						echo '<div class="wu-text-xs wu-font-mono wu-py-1">' . esc_html($table) . '</div>';
+					}
+					echo '</div>';
+					printf(
+						'<p class="wu-text-sm wu-mb-4">
+							<strong>%s</strong> %s
+						</p>',
+						esc_html__('Warning:', 'ultimate-multisite'),
+						esc_html__('This action cannot be undone. Please ensure you have a database backup before proceeding.', 'ultimate-multisite')
+					);
+					echo '</div>';
+				},
 				'wrapper_classes' => 'wu-w-full',
 			],
 			'submit'       => [
@@ -185,9 +187,7 @@ public function handle_orphaned_tables_delete_modal(): void {
 			wp_die(esc_html__('You do not have the required permissions.', 'ultimate-multisite'));
 		}
 
-		if (empty($orphaned_tables) || ! is_array($orphaned_tables)) {
-			$orphaned_tables = $this->find_orphaned_tables();
-		}
+		$orphaned_tables = $this->find_orphaned_tables();
 
 		$deleted_count = $this->delete_orphaned_tables($orphaned_tables);
 

inc/class-settings.php

@@ -1107,7 +1107,9 @@ public function default_sections(): void {
 				'fields'            => [
 					'emulated_post_types_remove' => [
 						'type'            => 'note',
-						'desc'            => sprintf('<a title="%s" class="wu-no-underline wu-inline-block wu-text-gray-600 wu-mt-2 wu-mr-2" href="#" @click.prevent="() => emulated_post_types.splice(index, 1)"><span class="dashicons-wu-squared-cross"></span></a>', __('Remove', 'ultimate-multisite')),
+						'desc'            => function () {
+							printf('<a title="%s" class="wu-no-underline wu-inline-block wu-text-gray-600 wu-mt-2 wu-mr-2" href="#" @click.prevent="() => emulated_post_types.splice(index, 1)"><span class="dashicons-wu-squared-cross"></span></a>', esc_html__('Remove', 'ultimate-multisite'));
+						},
 						'wrapper_classes' => 'wu-absolute wu-top-0 wu-right-0',
 					],
 					'emulated_post_types_slug'   => [

inc/database/engine/class-query.php

@@ -96,4 +96,24 @@ public function get_plural_name() {
 
 		return $this->item_name_plural;
 	}
+
+	/**
+	 * Get columns from an array of arguments.
+	 * Copy of the parent method of public access.
+	 *
+	 * @param array  $args     Arguments to filter columns by.
+	 * @param string $operator Optional. The logical operation to perform.
+	 * @param string $field    Optional. A field from the object to place
+	 *                         instead of the entire object. Default false.
+	 * @return array Array of column.
+	 */
+	public function get_columns($args = array(), $operator = 'and', $field = false) {
+		// Filter columns.
+		$filter = wp_filter_object_list($this->columns, $args, $operator, $field);
+
+		// Return column or false.
+		return ! empty($filter)
+			? array_values($filter)
+			: array();
+	}
 }

inc/functions/email.php

@@ -100,7 +100,7 @@ function wu_get_default_system_emails($slug = '') {
  * @since 2.0.0
  *
  * @param string $slug Default system email slug to be create.
- * @return array
+ * @return bool|Email
  */
 function wu_create_default_system_email($slug) {
 

inc/functions/helper.php

@@ -294,7 +294,7 @@
 
 	try {
 		call_user_func($func);
 	} catch (\Throwable $exception) {
 
 		// Ignore it or log it.
 	}
@@ -362,6 +362,15 @@
 		'v-model'                   => true,
 		'v-bind'                    => true,
 		'v-bind:class'              => true,
+		'v-bind:href'               => true,
+		'v-bind:value'              => true,
+		'v-bind:checked'            => true,
+		'v-bind:disabled'           => true,
+		'v-bind:src'                => true,
+		'v-bind:max'                => true,
+		'v-bind:min'                => true,
+		'v-bind:id'                 => true,
+		'v-bind:readonly'           => true,
 		'v-on'                      => true,
 		'v-cloak'                   => true,
 		'v-pre'                     => true,
@@ -370,12 +379,30 @@
 		// Vue.js shorthand attributes
 		':class'                    => true,
 		':style'                    => true,
+		':name'                     => true,
+		':id'                       => true,
+		':value'                    => true,
+		':key'                      => true,
+		':data-slug'                => true,
+		':src'                      => true,
+		':alt'                      => true,
+		':href'                     => true,
+		':data-title'               => true,
+		':aria-label'               => true,
+		':colspan'                  => true,
+		':list'                     => true,
+		':tag'                      => true,
+		':headers'                  => true,
+		':step-name'                => true,
+		':disabled'                 => true,
+		':element'                  => true,
+		':template'                 => true,
 		'v-on:click'                => true,
+		'v-on:click.prevent'        => true,
 		'v-on:input'                => true,
 		'v-on:change'               => true,
 		'@click'                    => true,
 		'@click.prevent'            => true,
-		'v-on:click.prevent'        => true,
 		'@submit'                   => true,
 		'@change'                   => true,
 		// Common data attributes

inc/limits/class-site-template-limits.php

@@ -106,7 +106,7 @@ public function maybe_filter_template_selection_options($attributes) {
 	 */
 	public function maybe_force_template_selection($template_id, $membership) {
 
-		if ($membership && $membership->get_limitations()->site_templates->get_mode() === Limit_Site_Templates::MODE_ASSIGN_TEMPLATE) {
+		if ($membership && Limit_Site_Templates::MODE_ASSIGN_TEMPLATE === $membership->get_limitations()->site_templates->get_mode()) {
 			$template_id = $membership->get_limitations()->site_templates->get_pre_selected_site_template();
 		}
 

inc/list-tables/class-base-list-table.php

@@ -9,6 +9,7 @@
 
 namespace WP_Ultimo\List_Tables;
 
+use Closure;
 use WP_Ultimo\Helpers\Hash;
 
 // Exit if accessed directly
@@ -1262,10 +1263,6 @@ public function get_default_date_filter_options() {
 	/**
 	 * Returns the columns from the BerlinDB Schema.
 	 *
-	 * Schema columns are protected on BerlinDB, which makes it hard to reference them out context.
-	 * This is the reason for the reflection funkiness going on in here.
-	 * Maybe there's a better way to do it, but it works for now.
-	 *
 	 * @since 2.0.0
 	 *
 	 * @param array   $args Key => Value pair to search the return columns. e.g. array('searchable' => true).
@@ -1274,16 +1271,7 @@ public function get_default_date_filter_options() {
 	 * @return array.
 	 */
 	protected function get_schema_columns($args = [], $operator = 'and', $field = false) {
-
-		$query_class = new $this->query_class();
-
-		$reflector = new \ReflectionObject($query_class);
-
-		$method = $reflector->getMethod('get_columns');
-
-		$method->setAccessible(true);
-
-		return $method->invoke($query_class, $args, $operator, $field);
+		return (new $this->query_class())->get_columns($args, $operator, $field);
 	}
 
 	/**