From d2b6321df244c33e069f29b8f092204db37f5d4f Mon Sep 17 00:00:00 2001
From: Konstantinos Galanakis <kmgalanakis@gmail.com>
Date: Wed, 2 Aug 2023 09:33:54 +0300
Subject: [PATCH] Exclude posts from post types not shown in REST when fixing
 insecure content from the admin

---
 includes/classes/class-fixinsecurecontent.php | 23 ++++++++++++++++++-
 includes/partials/admin-page.php              | 11 ++++-----
 2 files changed, 26 insertions(+), 8 deletions(-)

diff --git a/includes/classes/class-fixinsecurecontent.php b/includes/classes/class-fixinsecurecontent.php
index 98f4b9c..06d62b8 100644
--- a/includes/classes/class-fixinsecurecontent.php
+++ b/includes/classes/class-fixinsecurecontent.php
@@ -64,6 +64,19 @@ public static function get_instance() {
 		return self::$instance;
 	}
 
+	/**
+	 * Gets the "post_type" args for the WP_Query calls for the functionality to fix insecure content from within the admin UI.
+	 *
+	 * @return array
+	 */
+	public function get_wp_query_post_type_args(): array {
+		return array(
+			'show_ui'      => true,
+			'public'       => true,
+			'show_in_rest' => true,
+		);
+	}
+
 	/**
 	 * Counts posts to be checked for insecure content.
 	 *
@@ -74,9 +87,12 @@ public static function get_instance() {
 	 * @return int
 	 */
 	public function count_post_to_check( string $post_type, int $posts_per_page, int $post_offset ): int {
+		// Exclude post from post types not shown in REST when counting insecure content to fix from the admin UI.
+		$post_types = get_post_types( $this->get_wp_query_post_type_args() );
+
 		$args = array(
 			'posts_per_page' => $posts_per_page,
-			'post_type'      => 'all' === $post_type ? 'any' : $post_type,
+			'post_type'      => 'all' === $post_type ? $post_types : $post_type,
 			'offset'         => $post_offset,
 			'nopaging'       => true,
 		);
@@ -117,6 +133,11 @@ public function fix( $include, $all, $post_type, $posts_per_page, $post_offset,
 		} else {
 			$total = 0;
 
+			// Exclude post from post types not shown in REST when fixing insecure content from the admin UI.
+			if ( ! defined( 'WP_CLI' ) && 'any' === $post_type ) {
+				$post_type = get_post_types( $this->get_wp_query_post_type_args() );
+			}
+
 			// Loop through all posts and fix content.
 			while ( true ) {
 				$args  = array(
diff --git a/includes/partials/admin-page.php b/includes/partials/admin-page.php
index 1ad9d53..49d9203 100644
--- a/includes/partials/admin-page.php
+++ b/includes/partials/admin-page.php
@@ -5,17 +5,14 @@
  * @package ICW
  */
 
+use ICW\FIX\FixInsecureContent;
+
 if ( ! defined( 'ABSPATH' ) ) {
 	exit; // Exit if accessed directly.
 }
 
-$post_types = get_post_types(
-	array(
-		'show_ui' => true,
-		'public'  => true,
-	),
-	'objects'
-);
+$fix_insecure_content_class = FixInsecureContent::get_instance();
+$post_types                 = get_post_types( $fix_insecure_content_class->get_wp_query_post_type_args(), 'objects' );
 ?>
 
 <div class="wrap">