Merge branch 'develop' of https://github.com/magento/magento2ce into MPI-PR-develop

Author: rliukshyn

app/code/Magento/Bundle/view/frontend/templates/catalog/product/view/type/bundle/option/checkbox.phtml

@@ -29,7 +29,7 @@
                         <input class="bundle-option-<?php /* @escapeNotVerified */ echo $_option->getId() ?> checkbox product bundle option change-container-classname"
                                id="bundle-option-<?php /* @escapeNotVerified */ echo $_option->getId() ?>-<?php /* @escapeNotVerified */ echo $_selection->getSelectionId() ?>"
                                type="checkbox"
-                               <?php if ($_option->getRequired()) echo 'data-validate="{\'validate-one-required-by-name\':\'input[name^=&quot;bundle_option[' . $_option->getId() . ']&quot;]:checked\'}"'?>
+                               <?php if ($_option->getRequired()) /* @escapeNotVerified */ echo 'data-validate="{\'validate-one-required-by-name\':\'input[name^=&quot;bundle_option[' . $_option->getId() . ']&quot;]:checked\'}"'?>
                                name="bundle_option[<?php /* @escapeNotVerified */ echo $_option->getId() ?>][<?php /* @escapeNotVerified */ echo $_selection->getId() ?>]"
                                data-selector="bundle_option[<?php /* @escapeNotVerified */ echo $_option->getId() ?>][<?php /* @escapeNotVerified */ echo $_selection->getId() ?>]"
                                <?php if ($block->isSelected($_selection)) echo ' checked="checked"' ?>

app/code/Magento/Captcha/view/adminhtml/templates/default.phtml

@@ -6,13 +6,14 @@
 
 // @codingStandardsIgnoreFile
 
+/** @var \Magento\Captcha\Block\Captcha\DefaultCaptcha $block */
+
+/** @var \Magento\Captcha\Model\DefaultModel $captcha */
+$captcha = $block->getCaptchaModel();
 ?>
-<?php /* @var $captcha \Magento\Captcha\Model\DefaultModel */ ?>
-<?php /* @var $block \Magento\Captcha\Block\Captcha\DefaultCaptcha */ ?>
-<?php $captcha = $block->getCaptchaModel() ?>
 <div class="admin__field _required">
     <label for="captcha" class="admin__field-label">
-        <span><?php /* @escapeNotVerified */ echo __('Please enter the letters from the image') ?></span>
+        <span><?php echo $block->escapeHtml(__('Please enter the letters from the image')) ?></span>
     </label>
     <div class="admin__field-control">
         <input
@@ -23,7 +24,7 @@
             data-validate="{required:true}"/>
         <?php if ($captcha->isCaseSensitive()) :?>
             <div class="admin__field-note">
-                <span><?php /* @escapeNotVerified */ echo __('<strong>Attention</strong>: Captcha is case sensitive.') ?></span>
+                <span><?php echo $block->escapeHtml(__('<strong>Attention</strong>: Captcha is case sensitive.'), ['strong']) ?></span>
             </div>
         <?php endif; ?>
     </div>
@@ -33,7 +34,7 @@
         id="captcha-reload"
         class="captcha-reload"
         src="<?php echo $block->escapeUrl($block->getViewFileUrl('Magento_Captcha::reload.png')) ?>"
-        alt="<?php /* @escapeNotVerified */ echo __('Reload captcha') ?>"/>
+        alt="<?php echo $block->escapeHtmlAttr(__('Reload captcha')) ?>"/>
     <img
         id="<?php echo $block->escapeHtmlAttr($block->getFormId()) ?>"
         width="<?php /* @noEscape */ echo (float) $block->getImgWidth() ?>"
@@ -44,7 +45,7 @@
     require(["prototype", "mage/captcha"], function(){
 
 //<![CDATA[
-        var captcha = new Captcha('<?php echo $block->escapeUrl($block->getRefreshUrl()) ?>', '<?php echo $block->escapeJs($block->getFormId()) ?>');
+        var captcha = new Captcha('<?php echo $block->escapeJs($block->escapeUrl($block->getRefreshUrl())) ?>', '<?php echo $block->escapeJs($block->escapeHtml($block->getFormId())) ?>');
 
         $('captcha-reload').observe('click', function () {
             captcha.refresh(this);

app/code/Magento/Captcha/view/frontend/templates/default.phtml

@@ -6,12 +6,13 @@
 
 // @codingStandardsIgnoreFile
 
+/** @var \Magento\Captcha\Block\Captcha\DefaultCaptcha $block */
+
+/** @var \Magento\Captcha\Model\DefaultModel $captcha */
+$captcha = $block->getCaptchaModel();
 ?>
-<?php /* @var $captcha \Magento\Captcha\Model\DefaultModel */ ?>
-<?php /* @var $block \Magento\Captcha\Block\Captcha\DefaultCaptcha */ ?>
-<?php $captcha = $block->getCaptchaModel() ?>
 <div class="field captcha required" role="<?php echo $block->escapeHtmlAttr($block->getFormId())?>">
-    <label for="captcha_<?php echo $block->escapeHtmlAttr($block->getFormId()) ?>" class="label"><span><?php /* @escapeNotVerified */ echo __('Please type the letters below')?></span></label>
+    <label for="captcha_<?php echo $block->escapeHtmlAttr($block->getFormId()) ?>" class="label"><span><?php echo $block->escapeHtml(__('Please type the letters below')) ?></span></label>
     <div class="control captcha">
         <input name="<?php echo $block->escapeHtmlAttr(\Magento\Captcha\Helper\Data::INPUT_NAME_FIELD_VALUE) ?>[<?php echo $block->escapeHtmlAttr($block->getFormId())?>]" type="text" class="input-text required-entry" data-validate="{required:true}" id="captcha_<?php echo $block->escapeHtmlAttr($block->getFormId()) ?>" />
         <div class="nested">
@@ -22,13 +23,13 @@
                                             "imageLoader": "<?php echo $block->escapeUrl($block->getViewFileUrl('images/loader-2.gif')) ?>",
                                              "type": "<?php echo $block->escapeHtmlAttr($block->getFormId()) ?>"}}'>
                 <div class="control captcha-image">
-                    <img alt="<?php /* @escapeNotVerified */ echo __('Please type the letters below')?>" class="captcha-img" height="<?php /* @noEscape */ echo (float) $block->getImgHeight() ?>" src="<?php echo $block->escapeUrl($captcha->getImgSrc()) ?>"/>
-                    <button type="button" class="action reload captcha-reload" title="<?php /* @escapeNotVerified */ echo __('Reload captcha') ?>"><span><?php /* @escapeNotVerified */ echo __('Reload captcha') ?></span></button>
+                    <img alt="<?php echo $block->escapeHtmlAttr(__('Please type the letters below')) ?>" class="captcha-img" height="<?php /* @noEscape */ echo (float) $block->getImgHeight() ?>" src="<?php echo $block->escapeUrl($captcha->getImgSrc()) ?>"/>
+                    <button type="button" class="action reload captcha-reload" title="<?php echo $block->escapeHtmlAttr(__('Reload captcha')) ?>"><span><?php echo $block->escapeHtml(__('Reload captcha')) ?></span></button>
                 </div>
             </div>
             <?php if ($captcha->isCaseSensitive()) :?>
                 <div class="captcha-note note">
-                    <?php /* @escapeNotVerified */ echo __('<strong>Attention</strong>: Captcha is case sensitive.') ?>
+                    <?php echo $block->escapeHtml(__('<strong>Attention</strong>: Captcha is case sensitive.'), ['strong']) ?>
                 </div>
             <?php endif; ?>
         </div>

app/code/Magento/Catalog/view/base/web/js/price-box.js

@@ -2,6 +2,7 @@
  * Copyright © 2016 Magento. All rights reserved.
  * See COPYING.txt for license details.
  */
+
 define([
     'jquery',
     'Magento_Catalog/js/price-utils',
@@ -29,6 +30,7 @@ define([
          */
         _init: function initPriceBox() {
             var box = this.element;
+
             box.trigger('updatePrice');
             this.cache.displayPrices = utils.deepClone(this.options.prices);
         },
@@ -70,7 +72,8 @@ define([
         updatePrice: function updatePrice(newPrices) {
             var prices = this.cache.displayPrices,
                 additionalPrice = {},
-                pricesCode = [];
+                pricesCode = [],
+                priceValue, origin, finalPrice;
 
             this.cache.additionalPriceObject = this.cache.additionalPriceObject || {};
 
@@ -89,19 +92,19 @@ define([
                     pricesCode = _.keys(additional);
                 }
                 _.each(pricesCode, function (priceCode) {
-                    var priceValue = additional[priceCode] || {};
+                    priceValue = additional[priceCode] || {};
                     priceValue.amount = +priceValue.amount || 0;
                     priceValue.adjustments = priceValue.adjustments || {};
 
                     additionalPrice[priceCode] = additionalPrice[priceCode] || {
-                        'amount': 0,
-                        'adjustments': {}
-                    };
-                    additionalPrice[priceCode].amount =  0 + (additionalPrice[priceCode].amount || 0)
-                        + priceValue.amount;
+                            'amount': 0,
+                            'adjustments': {}
+                        };
+                    additionalPrice[priceCode].amount =  0 + (additionalPrice[priceCode].amount || 0) +
+                        priceValue.amount;
                     _.each(priceValue.adjustments, function (adValue, adCode) {
-                        additionalPrice[priceCode].adjustments[adCode] = 0
-                            + (additionalPrice[priceCode].adjustments[adCode] || 0) + adValue;
+                        additionalPrice[priceCode].adjustments[adCode] = 0 +
+                            (additionalPrice[priceCode].adjustments[adCode] || 0) + adValue;
                     });
                 });
             });
@@ -110,23 +113,24 @@ define([
                 this.cache.displayPrices = utils.deepClone(this.options.prices);
             } else {
                 _.each(additionalPrice, function (option, priceCode) {
-                    var origin = this.options.prices[priceCode] || {},
-                        final = prices[priceCode] || {};
+                    origin = this.options.prices[priceCode] || {};
+                    finalPrice = prices[priceCode] || {};
                     option.amount = option.amount || 0;
                     origin.amount = origin.amount || 0;
                     origin.adjustments = origin.adjustments || {};
-                    final.adjustments = final.adjustments || {};
+                    finalPrice.adjustments = finalPrice.adjustments || {};
 
-                    final.amount = 0 + origin.amount + option.amount;
+                    finalPrice.amount = 0 + origin.amount + option.amount;
                     _.each(option.adjustments, function (pa, paCode) {
-                        final.adjustments[paCode] = 0 + (origin.adjustments[paCode] || 0) + pa;
+                        finalPrice.adjustments[paCode] = 0 + (origin.adjustments[paCode] || 0) + pa;
                     });
                 }, this);
             }
 
             this.element.trigger('reloadPrice');
         },
 
+        /*eslint-disable no-extra-parens*/
         /**
          * Render price unit block.
          */
@@ -135,16 +139,19 @@ define([
                 priceTemplate = mageTemplate(this.options.priceTemplate);
 
             _.each(this.cache.displayPrices, function (price, priceCode) {
-                price.final = _.reduce(price.adjustments, function(memo, amount) {
+                price.final = _.reduce(price.adjustments, function (memo, amount) {
                     return memo + amount;
                 }, price.amount);
 
                 price.formatted = utils.formatPrice(price.final, priceFormat);
 
-                $('[data-price-type="' + priceCode + '"]', this.element).html(priceTemplate({data: price}));
+                $('[data-price-type="' + priceCode + '"]', this.element).html(priceTemplate({
+                    data: price
+                }));
             }, this);
         },
 
+        /*eslint-enable no-extra-parens*/
         /**
          * Overwrites initial (default) prices object.
          * @param {Object} prices
@@ -177,6 +184,7 @@ define([
             var box = this.element,
                 priceHolders = $('[data-price-type]', box),
                 prices = this.options.prices;
+
             this.options.productId = box.data('productId');
 
             if (_.isEmpty(prices)) {
@@ -199,10 +207,7 @@ define([
         _setDefaultsFromPriceConfig: function _setDefaultsFromPriceConfig() {
             var config = this.options.priceConfig;
 
-            if (config) {
-                if (+config.productId !== +this.options.productId) {
-                    return;
-                }
+            if (config && config.prices) {
                 this.options.prices = config.prices;
             }
         }

app/code/Magento/Checkout/view/frontend/web/js/view/minicart.js

@@ -97,8 +97,7 @@ define([
                 addToCartCalls++;
                 self.isLoading(true);
             });
-
-            if (cartData().websiteId !== window.checkout.websiteId) {
+            if (cartData().website_id !== window.checkout.websiteId) {
                 customerData.reload(['cart'], false);
             }
 

app/code/Magento/Contact/view/frontend/templates/form.phtml

@@ -5,49 +5,48 @@
  */
 
 // @codingStandardsIgnoreFile
-
+/** @var \Magento\Contact\Block\ContactForm $block */
 ?>
-<?php /** @var $block \Magento\Contact\Block\ContactForm */ ?>
 <form class="form contact"
       action="<?php echo $block->escapeUrl($block->getFormAction()); ?>"
       id="contact-form"
       method="post"
-      data-hasrequired="<?php /* @escapeNotVerified */ echo __('* Required Fields') ?>"
+      data-hasrequired="<?php echo $block->escapeHtmlAttr(__('* Required Fields')) ?>"
       data-mage-init='{"validation":{}}'>
     <fieldset class="fieldset">
-        <legend class="legend"><span><?php /* @escapeNotVerified */ echo __('Write Us') ?></span></legend><br />
-        <div class="field note no-label"><?php /* @escapeNotVerified */ echo __('Jot us a note and we’ll get back to you as quickly as possible.') ?></div>
+        <legend class="legend"><span><?php echo $block->escapeHtml(__('Write Us')) ?></span></legend><br />
+        <div class="field note no-label"><?php echo $block->escapeHtml(__('Jot us a note and we’ll get back to you as quickly as possible.')) ?></div>
         <div class="field name required">
-            <label class="label" for="name"><span><?php /* @escapeNotVerified */ echo __('Name') ?></span></label>
+            <label class="label" for="name"><span><?php echo $block->escapeHtml(__('Name')) ?></span></label>
             <div class="control">
-                <input name="name" id="name" title="<?php /* @escapeNotVerified */ echo __('Name') ?>" value="<?php echo $block->escapeHtml($this->helper('Magento\Contact\Helper\Data')->getPostValue('name') ?: $this->helper('Magento\Contact\Helper\Data')->getUserName()) ?>" class="input-text" type="text" data-validate="{required:true}"/>
+                <input name="name" id="name" title="<?php echo $block->escapeHtmlAttr(__('Name')) ?>" value="<?php echo $block->escapeHtmlAttr($this->helper('Magento\Contact\Helper\Data')->getPostValue('name') ?: $this->helper('Magento\Contact\Helper\Data')->getUserName()) ?>" class="input-text" type="text" data-validate="{required:true}"/>
             </div>
         </div>
         <div class="field email required">
-            <label class="label" for="email"><span><?php /* @escapeNotVerified */ echo __('Email') ?></span></label>
+            <label class="label" for="email"><span><?php echo $block->escapeHtml(__('Email')) ?></span></label>
             <div class="control">
-                <input name="email" id="email" title="<?php /* @escapeNotVerified */ echo __('Email') ?>" value="<?php echo $block->escapeHtml($this->helper('Magento\Contact\Helper\Data')->getPostValue('email') ?: $this->helper('Magento\Contact\Helper\Data')->getUserEmail()) ?>" class="input-text" type="email" data-validate="{required:true, 'validate-email':true}"/>
+                <input name="email" id="email" title="<?php echo $block->escapeHtmlAttr(__('Email')) ?>" value="<?php echo $block->escapeHtmlAttr($this->helper('Magento\Contact\Helper\Data')->getPostValue('email') ?: $this->helper('Magento\Contact\Helper\Data')->getUserEmail()) ?>" class="input-text" type="email" data-validate="{required:true, 'validate-email':true}"/>
             </div>
         </div>
         <div class="field telephone">
-            <label class="label" for="telephone"><span><?php /* @escapeNotVerified */ echo __('Phone Number') ?></span></label>
+            <label class="label" for="telephone"><span><?php echo $block->escapeHtml(__('Phone Number')) ?></span></label>
             <div class="control">
-                <input name="telephone" id="telephone" title="<?php /* @escapeNotVerified */ echo __('Phone Number') ?>" value="<?php echo $block->escapeHtml($this->helper('Magento\Contact\Helper\Data')->getPostValue('telephone')) ?>" class="input-text" type="text" />
+                <input name="telephone" id="telephone" title="<?php echo $block->escapeHtmlAttr(__('Phone Number')) ?>" value="<?php echo $block->escapeHtmlAttr($this->helper('Magento\Contact\Helper\Data')->getPostValue('telephone')) ?>" class="input-text" type="text" />
             </div>
         </div>
         <div class="field comment required">
-            <label class="label" for="comment"><span><?php /* @escapeNotVerified */ echo __('What’s on your mind?') ?></span></label>
+            <label class="label" for="comment"><span><?php echo $block->escapeHtml(__('What’s on your mind?')) ?></span></label>
             <div class="control">
-                <textarea name="comment" id="comment" title="<?php /* @escapeNotVerified */ echo __('What’s on your mind?') ?>" class="input-text" cols="5" rows="3" data-validate="{required:true}"><?php echo $block->escapeHtml($this->helper('Magento\Contact\Helper\Data')->getPostValue('comment')) ?></textarea>
+                <textarea name="comment" id="comment" title="<?php echo $block->escapeHtmlAttr(__('What’s on your mind?')) ?>" class="input-text" cols="5" rows="3" data-validate="{required:true}"><?php echo $block->escapeHtml($this->helper('Magento\Contact\Helper\Data')->getPostValue('comment')) ?></textarea>
             </div>
         </div>
         <?php echo $block->getChildHtml('form.additional.info'); ?>
     </fieldset>
     <div class="actions-toolbar">
         <div class="primary">
             <input type="hidden" name="hideit" id="hideit" value="" />
-            <button type="submit" title="<?php /* @escapeNotVerified */ echo __('Submit') ?>" class="action submit primary">
-                <span><?php /* @escapeNotVerified */ echo __('Submit') ?></span>
+            <button type="submit" title="<?php echo $block->escapeHtmlAttr(__('Submit')) ?>" class="action submit primary">
+                <span><?php echo $block->escapeHtml(__('Submit')) ?></span>
             </button>
         </div>
     </div>

app/code/Magento/Cookie/Block/RequireCookie.php

@@ -18,7 +18,10 @@ class RequireCookie extends \Magento\Framework\View\Element\Template
      */
     public function getScriptOptions()
     {
-        $params = ['noCookieUrl' => $this->getUrl('cookie/index/noCookies/'), 'triggers' => $this->getTriggers()];
+        $params = [
+            'noCookieUrl' => $this->escapeUrl($this->getUrl('cookie/index/noCookies/')),
+            'triggers' => $this->escapeHtml($this->getTriggers())
+        ];
         return json_encode($params);
     }
 }

app/code/Magento/Cookie/Helper/Cookie.php

@@ -84,7 +84,7 @@ public function isUserNotAllowSaveCookie()
     public function getAcceptedSaveCookiesWebsiteIds()
     {
         $acceptedSaveCookiesWebsites = $this->_getAcceptedSaveCookiesWebsites();
-        $acceptedSaveCookiesWebsites[$this->_website->getId()] = 1;
+        $acceptedSaveCookiesWebsites[(int)$this->_website->getId()] = 1;
         return json_encode($acceptedSaveCookiesWebsites);
     }