JSON Schemas: fix too-early validation of schemas in FTP hosts (#275)

* Switch to using file_get_contents

* Exclude the `file_get_contents` rule from PHPStan

* Remove schema validation on construct

Author: priethor

.phpcs.xml.dist

@@ -24,6 +24,8 @@
 		<!-- Refactoring of this scale is not in scope yet.-->
 		<exclude name="WordPress.Files.FileName" />
 		<!-- Exclude the entire filename rule -->
+		<exclude name="WordPress.WP.AlternativeFunctions.file_get_contents_file_get_contents" />
+		<!-- file_get_contents is safe for reading local plugin files bundled with the plugin. -->
 	</rule>
 
 	<rule ref="WordPress.Security.EscapeOutput">

includes/class-scf-json-schema-validator.php

@@ -44,17 +44,9 @@ class SCF_JSON_Schema_Validator {
 
 		/**
 		 * Constructor.
-		 *
-		 * Validates that all required schemas are available on initialization.
-		 * If schemas are missing, registers an admin notice and prevents usage.
 		 */
 		public function __construct() {
 			$this->schema_path = acf_get_path( 'schemas/' );
-
-			// Validate schemas exist on initialization (skip during static analysis)
-			if ( defined( 'ABSPATH' ) && ! $this->validate_required_schemas() ) {
-				add_action( 'admin_notices', array( $this, 'show_schema_error' ) );
-			}
 		}
 
 
@@ -133,21 +125,11 @@ public function validate_data( $data, $schema_name ) {
 		public function load_schema( $schema_name ) {
 			$schema_file = $this->schema_path . $schema_name . '.schema.json';
 
-			if ( ! file_exists( $schema_file ) ) {
-				return null;
-			}
-
-			if ( ! function_exists( 'WP_Filesystem' ) ) {
-				require_once ABSPATH . 'wp-admin/includes/file.php';
-			}
-			WP_Filesystem();
-			global $wp_filesystem;
-
-			if ( null === $wp_filesystem ) {
+			if ( ! file_exists( $schema_file ) || ! is_readable( $schema_file ) ) {
 				return null;
 			}
 
-			$schema_content = $wp_filesystem->get_contents( $schema_file );
+			$schema_content = file_get_contents( $schema_file );
 			if ( false === $schema_content ) {
 				return null;
 			}
@@ -175,21 +157,6 @@ public function validate_required_schemas() {
 			return true;
 		}
 
-		/**
-		 * Display admin notice when required schemas are not available.
-		 *
-		 * @since 6.6.0
-		 */
-		public function show_schema_error() {
-			?>
-		<div class="notice notice-error is-dismissible">
-			<p>
-				<strong><?php esc_html_e( 'Secure Custom Fields Error:', 'secure-custom-fields' ); ?></strong>
-				<?php esc_html_e( 'Required schema files are missing. Schema validation will not be available. Please ensure all schema files are present in the plugin directory.', 'secure-custom-fields' ); ?>
-			</p>
-		</div>
-			<?php
-		}
 		/**
 		 * Gets the validation errors from the last validation attempt.
 		 *
@@ -275,17 +242,12 @@ public function validate_json( $json_string, $schema_name ) {
 		public function validate_file( $file_path, $schema_name ) {
 			$this->clear_validation_errors();
 
-			if ( ! file_exists( $file_path ) ) {
+			if ( ! file_exists( $file_path ) || ! is_readable( $file_path ) ) {
 				$this->add_validation_error( 'file', 'File does not exist: ' . $file_path );
 				return false;
 			}
 
-			if ( ! function_exists( 'WP_Filesystem' ) ) {
-				require_once ABSPATH . 'wp-admin/includes/file.php';
-			}
-			WP_Filesystem();
-			global $wp_filesystem;
-			$json_content = $wp_filesystem->get_contents( $file_path );
+			$json_content = file_get_contents( $file_path );
 
 			if ( false === $json_content ) {
 				$this->add_validation_error( 'file', 'Could not read file: ' . $file_path );