From a4d4c93add501c557d0de69ed98fb3dad69064fd Mon Sep 17 00:00:00 2001
From: David Herrera <david@alley.com>
Date: Sat, 30 Nov 2024 13:39:52 -0500
Subject: [PATCH 01/12] Remove now-redundant filter

---
 admin/class-admin-apple-bulk-export-page.php | 17 -----------------
 1 file changed, 17 deletions(-)

diff --git a/admin/class-admin-apple-bulk-export-page.php b/admin/class-admin-apple-bulk-export-page.php
index 669ebf01..7345256a 100644
--- a/admin/class-admin-apple-bulk-export-page.php
+++ b/admin/class-admin-apple-bulk-export-page.php
@@ -42,7 +42,6 @@ public function __construct( $settings ) {
 		add_action( 'admin_menu', [ $this, 'register_page' ] );
 		add_action( 'admin_enqueue_scripts', [ $this, 'register_assets' ] );
 		add_action( 'wp_ajax_push_post', [ $this, 'ajax_push_post' ] );
-		add_filter( 'admin_title', [ $this, 'set_title' ] );
 	}
 
 	/**
@@ -66,22 +65,6 @@ public function register_page() {
 		);
 	}
 
-	/**
-	 * Fix the title since WordPress doesn't set one.
-	 *
-	 * @param string $admin_title The title to be filtered.
-	 * @access public
-	 * @return string The title for the screen.
-	 */
-	public function set_title( $admin_title ) {
-		$screen = get_current_screen();
-		if ( 'admin_page_apple_news_bulk_export' === $screen->base ) {
-			$admin_title = __( 'Bulk Export', 'apple-news' ) . $admin_title;
-		}
-
-		return $admin_title;
-	}
-
 	/**
 	 * Builds the plugin submenu page.
 	 *

From 8e278ded119d9fe03033c0cfcd97478b38b99981 Mon Sep 17 00:00:00 2001
From: David Herrera <david@alley.com>
Date: Sat, 30 Nov 2024 13:51:23 -0500
Subject: [PATCH 02/12] Use more-standard escaping and encoding

---
 admin/class-admin-apple-bulk-export-page.php | 12 +++++++-----
 admin/class-admin-apple-index-page.php       |  9 ++++++---
 2 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/admin/class-admin-apple-bulk-export-page.php b/admin/class-admin-apple-bulk-export-page.php
index 7345256a..857a59e2 100644
--- a/admin/class-admin-apple-bulk-export-page.php
+++ b/admin/class-admin-apple-bulk-export-page.php
@@ -71,9 +71,10 @@ public function register_page() {
 	 * @access public
 	 */
 	public function build_page() {
-		$ids = isset( $_GET['ids'] ) ? sanitize_text_field( wp_unslash( $_GET['ids'] ) ) : null; // phpcs:ignore WordPress.VIP.SuperGlobalInputUsage.AccessDetected, WordPress.Security.NonceVerification.Recommended
-		if ( ! $ids ) {
-			wp_safe_redirect( esc_url_raw( menu_page_url( $this->plugin_slug . '_index', false ) ) ); // phpcs:ignore WordPressVIPMinimum.Security.ExitAfterRedirect.NoExit
+		$post_ids = isset( $_GET['post_ids'] ) ? sanitize_text_field( wp_unslash( $_GET['post_ids'] ) ) : null;
+
+		if ( ! $post_ids ) {
+			wp_safe_redirect( esc_url_raw( menu_page_url( $this->plugin_slug . '_index', false ) ) );
 			if ( ! defined( 'APPLE_NEWS_UNIT_TESTS' ) || ! APPLE_NEWS_UNIT_TESTS ) {
 				exit;
 			}
@@ -81,8 +82,9 @@ public function build_page() {
 
 		// Populate $articles array with a set of valid posts.
 		$articles = [];
-		foreach ( explode( '.', $ids ) as $id ) {
-			$post = get_post( absint( $id ) );
+		foreach ( explode( ',', $post_ids ) as $post_id ) {
+			$post = get_post( (int) $post_id );
+
 			if ( ! empty( $post ) ) {
 				$articles[] = $post;
 			}
diff --git a/admin/class-admin-apple-index-page.php b/admin/class-admin-apple-index-page.php
index ccef3af7..b821e0fb 100644
--- a/admin/class-admin-apple-index-page.php
+++ b/admin/class-admin-apple-index-page.php
@@ -133,11 +133,14 @@ public function page_router() {
 			case self::namespace_action( 'push' ): // phpcs:ignore PSR2.ControlStructures.SwitchDeclaration.TerminatingComment
 				if ( ! $id ) {
 					$url = menu_page_url( $this->plugin_slug . '_bulk_export', false );
-					if ( isset( $_GET['article'] ) ) { // phpcs:ignore WordPress.VIP.SuperGlobalInputUsage.AccessDetected, WordPress.Security.NonceVerification.Recommended
-						$ids  = is_array( $_GET['article'] ) ? array_map( 'absint', $_GET['article'] ) : absint( $_GET['article'] ); //  phpcs:ignore WordPress.VIP.SuperGlobalInputUsage.AccessDetected, WordPress.Security.NonceVerification.Recommended
-						$url .= '&ids=' . implode( '.', $ids );
+
+					if ( isset( $_GET['article'] ) ) {
+						$post_ids = is_array( $_GET['article'] ) ? array_map( 'intval', $_GET['article'] ) : (int) $_GET['article'];
+						$url      = add_query_arg( [ 'post_ids' => implode( ',', $post_ids ) ], $url );
 					}
+
 					wp_safe_redirect( esc_url_raw( $url ) ); // phpcs:ignore WordPressVIPMinimum.Security.ExitAfterRedirect.NoExit
+
 					if ( ! defined( 'APPLE_NEWS_UNIT_TESTS' ) || ! APPLE_NEWS_UNIT_TESTS ) {
 						exit;
 					}

From 96e1e6ad19be010cec02aac126bc117d3623c3ad Mon Sep 17 00:00:00 2001
From: David Herrera <david@alley.com>
Date: Sat, 30 Nov 2024 13:54:07 -0500
Subject: [PATCH 03/12] De-duplicate selector

---
 assets/js/bulk-export.js | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/assets/js/bulk-export.js b/assets/js/bulk-export.js
index 85752ffc..6c6385cf 100644
--- a/assets/js/bulk-export.js
+++ b/assets/js/bulk-export.js
@@ -1,10 +1,11 @@
 (function ( $, window, undefined ) {
 	'use strict';
 
-	var started = false;
+	var started = false,
+    $submitButton = $( '.bulk-export-submit' );
 
 	function done() {
-		$( '.bulk-export-submit' ).text( 'Done' );
+		$submitButton.text( 'Done' );
 	}
 
 	function pushItem( item, next, nonce ) {
@@ -56,7 +57,7 @@
 		next();
 	}
 
-	$('.bulk-export-submit').click(function (e) {
+	$submitButton.click( function ( e ) {
 		e.preventDefault();
 
 		if ( started ) {
@@ -65,6 +66,6 @@
 
 		started = true;
 		bulkPush();
-	});
+	} );
 
 })( jQuery, window );

From 2daa84a81b23ff7259e33206fe8e24aa856fc632 Mon Sep 17 00:00:00 2001
From: David Herrera <david@alley.com>
Date: Sat, 30 Nov 2024 15:31:27 -0500
Subject: [PATCH 04/12] Delete checksum when deleting article

This allows the article to be republished. Otherwise, it will appear as though the article is already 'in sync' with Apple News.
---
 admin/apple-actions/class-api-action.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/admin/apple-actions/class-api-action.php b/admin/apple-actions/class-api-action.php
index fce96fbe..e73787e8 100644
--- a/admin/apple-actions/class-api-action.php
+++ b/admin/apple-actions/class-api-action.php
@@ -100,5 +100,6 @@ protected function delete_post_meta( $post_id ): void {
 		delete_post_meta( $post_id, 'apple_news_api_created_at' );
 		delete_post_meta( $post_id, 'apple_news_api_modified_at' );
 		delete_post_meta( $post_id, 'apple_news_api_share_url' );
+		delete_post_meta( $post_id, 'apple_news_article_checksum' );
 	}
 }

From 958b09d7f5f7ccc3e754aedae01ff092e9a9779d Mon Sep 17 00:00:00 2001
From: David Herrera <david@alley.com>
Date: Sat, 30 Nov 2024 15:32:00 -0500
Subject: [PATCH 05/12] Correct check for successful DELETE response

---
 includes/apple-push-api/request/class-request.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/includes/apple-push-api/request/class-request.php b/includes/apple-push-api/request/class-request.php
index ee44a57d..90880424 100644
--- a/includes/apple-push-api/request/class-request.php
+++ b/includes/apple-push-api/request/class-request.php
@@ -411,8 +411,8 @@ private function request( $verb, $url, $data = [] ) {
 			}
 		}
 
-		// NULL is a valid response for DELETE.
-		if ( 'DELETE' === $verb && is_null( $response ) ) {
+		// Successful DELETE requests have no response body.
+		if ( 'DELETE' === $verb && 204 === wp_remote_retrieve_response_code( $response ) ) {
 			return null;
 		}
 

From 6e69aa5dea8388da741905afa4ae7f3e9c98c871 Mon Sep 17 00:00:00 2001
From: David Herrera <david@alley.com>
Date: Sat, 30 Nov 2024 15:32:55 -0500
Subject: [PATCH 06/12] Set up delete bulk action

---
 admin/class-admin-apple-bulk-export-page.php | 97 ++++++++++++--------
 admin/class-admin-apple-index-page.php       | 47 ++++++++--
 admin/class-admin-apple-news-list-table.php  |  5 +-
 assets/js/bulk-export.js                     |  7 +-
 4 files changed, 104 insertions(+), 52 deletions(-)

diff --git a/admin/class-admin-apple-bulk-export-page.php b/admin/class-admin-apple-bulk-export-page.php
index 857a59e2..c32442a3 100644
--- a/admin/class-admin-apple-bulk-export-page.php
+++ b/admin/class-admin-apple-bulk-export-page.php
@@ -41,7 +41,8 @@ public function __construct( $settings ) {
 
 		add_action( 'admin_menu', [ $this, 'register_page' ] );
 		add_action( 'admin_enqueue_scripts', [ $this, 'register_assets' ] );
-		add_action( 'wp_ajax_push_post', [ $this, 'ajax_push_post' ] );
+		add_action( 'wp_ajax_apple_news_push_post', [ $this, 'ajax_push_post' ] );
+		add_action( 'wp_ajax_apple_news_delete_post', [ $this, 'ajax_delete_post' ] );
 	}
 
 	/**
@@ -108,13 +109,7 @@ public function ajax_push_post() {
 		// Ensure the post exists and that it's published.
 		$post = get_post( $id );
 		if ( empty( $post ) ) {
-			echo wp_json_encode(
-				[
-					'success' => false,
-					'error'   => __( 'This post no longer exists.', 'apple-news' ),
-				]
-			);
-			wp_die();
+			wp_send_json_error( __( 'This post no longer exists.', 'apple-news' ) );
 		}
 
 		// Check capabilities.
@@ -122,27 +117,17 @@ public function ajax_push_post() {
 			/** This filter is documented in admin/class-admin-apple-post-sync.php */
 			apply_filters( 'apple_news_publish_capability', self::get_capability_for_post_type( 'publish_posts', $post->post_type ) )
 		) ) {
-			echo wp_json_encode(
-				[
-					'success' => false,
-					'error'   => __( 'You do not have permission to publish to Apple News', 'apple-news' ),
-				]
-			);
-			wp_die();
+			wp_send_json_error( __( 'You do not have permission to publish to Apple News', 'apple-news' ) );
 		}
 
 		if ( 'publish' !== $post->post_status ) {
-			echo wp_json_encode(
-				[
-					'success' => false,
-					'error'   => sprintf(
-						// translators: token is a post ID.
-						__( 'Article %s is not published and cannot be pushed to Apple News.', 'apple-news' ),
-						$id
-					),
-				]
+			wp_send_json_error(
+				sprintf(
+					/* translators: %s: post ID */
+					__( 'Article %s is not published and cannot be pushed to Apple News.', 'apple-news' ),
+					$id
+				)
 			);
-			wp_die();
 		}
 
 		$action = new Apple_Actions\Index\Push( $this->settings, $id );
@@ -153,22 +138,56 @@ public function ajax_push_post() {
 		}
 
 		if ( $errors ) {
-			echo wp_json_encode(
-				[
-					'success' => false,
-					'error'   => $errors,
-				]
-			);
-		} else {
-			echo wp_json_encode(
-				[
-					'success' => true,
-				]
-			);
+			wp_send_json_error( $errors );
+		}
+
+		wp_send_json_success();
+	}
+
+	/**
+	 * Handles the ajax action to delete a post from Apple News.
+	 *
+	 * @access public
+	 */
+	public function ajax_delete_post() {
+		// Check the nonce.
+		check_ajax_referer( self::ACTION );
+
+		// Sanitize input data.
+		$id = isset( $_GET['id'] ) ? (int) $_GET['id'] : -1;
+
+		$post = get_post( $id );
+
+		if ( empty( $post ) ) {
+			wp_send_json_error( __( 'This post no longer exists.', 'apple-news' ) );
+		}
+
+		/** This filter is documented in admin/class-admin-apple-post-sync.php */
+		$cap = apply_filters( 'apple_news_delete_capability', self::get_capability_for_post_type( 'delete_posts', $post->post_type ) );
+
+		// Check capabilities.
+		if ( ! current_user_can( $cap ) ) {
+			wp_send_json_error( __( 'You do not have permission to delete posts from Apple News', 'apple-news' ) );
+		}
+
+		$errors = null;
+
+		// Try to sync only if the post has a remote ID. Ref `Admin_Apple_Post_Sync::do_delete()`.
+		if ( get_post_meta( $id, 'apple_news_api_id', true ) ) {
+			$action = new Apple_Actions\Index\Delete( $this->settings, $id );
+
+			try {
+				$errors = $action->perform();
+			} catch ( Apple_Actions\Action_Exception $e ) {
+				$errors = $e->getMessage();
+			}
+		}
+
+		if ( $errors ) {
+			wp_send_json_error( $errors );
 		}
 
-		// This is required to terminate immediately and return a valid response.
-		wp_die();
+		wp_send_json_success();
 	}
 
 	/**
diff --git a/admin/class-admin-apple-index-page.php b/admin/class-admin-apple-index-page.php
index b821e0fb..0f836765 100644
--- a/admin/class-admin-apple-index-page.php
+++ b/admin/class-admin-apple-index-page.php
@@ -110,7 +110,7 @@ public function admin_page() {
 	 *
 	 * @since 0.4.0
 	 * @access public
-	 * @return mixed The result of the requested action.
+	 * @return mixed|void The result of the requested action.
 	 */
 	public function page_router() {
 		$id      = isset( $_GET['post_id'] ) ? absint( $_GET['post_id'] ) : null; // phpcs:ignore WordPress.VIP.SuperGlobalInputUsage.AccessDetected, WordPress.Security.NonceVerification.Recommended
@@ -130,13 +130,21 @@ public function page_router() {
 				return $this->export_action( $id );
 			case self::namespace_action( 'reset' ):
 				return $this->reset_action( $id );
-			case self::namespace_action( 'push' ): // phpcs:ignore PSR2.ControlStructures.SwitchDeclaration.TerminatingComment
-				if ( ! $id ) {
+			case self::namespace_action( 'push' ):
+				if ( $id ) {
+					$this->push_action( $id );
+				} else {
 					$url = menu_page_url( $this->plugin_slug . '_bulk_export', false );
 
 					if ( isset( $_GET['article'] ) ) {
 						$post_ids = is_array( $_GET['article'] ) ? array_map( 'intval', $_GET['article'] ) : (int) $_GET['article'];
-						$url      = add_query_arg( [ 'post_ids' => implode( ',', $post_ids ) ], $url );
+						$url      = add_query_arg(
+							[
+								'action'   => 'apple_news_push_post',
+								'post_ids' => implode( ',', $post_ids ),
+							],
+							$url,
+						);
 					}
 
 					wp_safe_redirect( esc_url_raw( $url ) ); // phpcs:ignore WordPressVIPMinimum.Security.ExitAfterRedirect.NoExit
@@ -144,11 +152,34 @@ public function page_router() {
 					if ( ! defined( 'APPLE_NEWS_UNIT_TESTS' ) || ! APPLE_NEWS_UNIT_TESTS ) {
 						exit;
 					}
-				} else {
-					return $this->push_action( $id );
 				}
+
+				break;
 			case self::namespace_action( 'delete' ):
-				return $this->delete_action( $id );
+				if ( $id ) {
+					$this->delete_action( $id );
+				} else {
+					$url = menu_page_url( $this->plugin_slug . '_bulk_export', false );
+
+					if ( isset( $_GET['article'] ) ) {
+						$post_ids = is_array( $_GET['article'] ) ? array_map( 'intval', $_GET['article'] ) : (int) $_GET['article'];
+						$url      = add_query_arg(
+							[
+								'action'   => 'apple_news_delete_post',
+								'post_ids' => implode( ',', $post_ids ),
+							],
+							$url,
+						);
+					}
+
+					wp_safe_redirect( esc_url_raw( $url ) ); // phpcs:ignore WordPressVIPMinimum.Security.ExitAfterRedirect.NoExit
+
+					if ( ! defined( 'APPLE_NEWS_UNIT_TESTS' ) || ! APPLE_NEWS_UNIT_TESTS ) {
+						exit;
+					}
+				}
+
+				break;
 		}
 	}
 
@@ -404,7 +435,7 @@ private function delete_action( $id ) {
 		$action = new Apple_Actions\Index\Delete( $this->settings, $id );
 		try {
 			$action->perform();
-			$this->notice_success( __( 'Your article has been removed from apple news.', 'apple-news' ) );
+			$this->notice_success( __( 'Your article has been removed from Apple News.', 'apple-news' ) );
 		} catch ( Apple_Actions\Action_Exception $e ) {
 			$this->notice_error( $e->getMessage() );
 		}
diff --git a/admin/class-admin-apple-news-list-table.php b/admin/class-admin-apple-news-list-table.php
index 676c878f..2466652a 100644
--- a/admin/class-admin-apple-news-list-table.php
+++ b/admin/class-admin-apple-news-list-table.php
@@ -328,8 +328,9 @@ public function get_bulk_actions() {
 		return apply_filters(
 			'apple_news_bulk_actions',
 			[
-				Admin_Apple_Index_Page::namespace_action( 'push' ) => __( 'Publish', 'apple-news' ),
-			]
+				Admin_Apple_Index_Page::namespace_action( 'push' )   => __( 'Publish', 'apple-news' ),
+				Admin_Apple_Index_Page::namespace_action( 'delete' ) => __( 'Delete', 'apple-news' ),
+			],
 		);
 	}
 
diff --git a/assets/js/bulk-export.js b/assets/js/bulk-export.js
index 6c6385cf..734f4ea4 100644
--- a/assets/js/bulk-export.js
+++ b/assets/js/bulk-export.js
@@ -2,6 +2,7 @@
 	'use strict';
 
 	var started = false,
+    searchParams = new URLSearchParams( window.location.search ),
     $submitButton = $( '.bulk-export-submit' );
 
 	function done() {
@@ -13,14 +14,14 @@
 		var $status = $item.find( '.bulk-export-list-item-status' );
 		var id = +$item.data( 'post-id' ); // fetch the post-id and cast to integer
 
-		$status.removeClass( 'pending' ).addClass( 'in-progress' ).text( 'Publishing...' );
+		$status.removeClass( 'pending' ).addClass( 'in-progress' ).text( 'In Progress…' );
 
 		// Send a GET request to ajaxurl, which is WordPress endpoint for AJAX
 		// requests. Expects JSON as response.
 		$.getJSON(
 			ajaxurl,
 			{
-				action: 'push_post',
+				action: searchParams.get( 'action' ),
 				id: id,
 				_ajax_nonce: nonce
 			},
@@ -28,7 +29,7 @@
 				if ( res.success ) {
 					$status.removeClass( 'in-progress' ).addClass( 'success' ).text( 'Success' );
 				} else {
-					$status.removeClass( 'in-progress' ).addClass( 'failed' ).text( res.error );
+					$status.removeClass( 'in-progress' ).addClass( 'failed' ).text( res.data );
 				}
 				next();
 			},

From 7265549b7b48bdcf3df08e225a6f41bcc89b5b55 Mon Sep 17 00:00:00 2001
From: David Herrera <david@alley.com>
Date: Sat, 30 Nov 2024 15:33:14 -0500
Subject: [PATCH 07/12] Allow more time for DELETE requests

---
 includes/apple-push-api/request/class-request.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/includes/apple-push-api/request/class-request.php b/includes/apple-push-api/request/class-request.php
index 90880424..49e48f80 100644
--- a/includes/apple-push-api/request/class-request.php
+++ b/includes/apple-push-api/request/class-request.php
@@ -371,6 +371,10 @@ private function request( $verb, $url, $data = [] ) {
 			$args['timeout']                   = 30; // phpcs:ignore WordPressVIPMinimum.Performance.RemoteRequestTimeout.timeout_timeout
 		}
 
+		if ( 'DELETE' === $verb ) {
+			$args['timeout'] = 5;
+		}
+
 		/**
 		 * Allow filtering of the default arguments for the request.
 		 *

From 6b0d0221ced8d195f89dd421c73df1d675a50008 Mon Sep 17 00:00:00 2001
From: David Herrera <david@alley.com>
Date: Sun, 1 Dec 2024 23:35:06 -0500
Subject: [PATCH 08/12] Set page text depending on the action

---
 admin/class-admin-apple-bulk-export-page.php | 26 +++++++++++++++++---
 admin/partials/page-bulk-export.php          | 19 ++++++++------
 2 files changed, 34 insertions(+), 11 deletions(-)

diff --git a/admin/class-admin-apple-bulk-export-page.php b/admin/class-admin-apple-bulk-export-page.php
index c32442a3..87554e0d 100644
--- a/admin/class-admin-apple-bulk-export-page.php
+++ b/admin/class-admin-apple-bulk-export-page.php
@@ -73,6 +73,7 @@ public function register_page() {
 	 */
 	public function build_page() {
 		$post_ids = isset( $_GET['post_ids'] ) ? sanitize_text_field( wp_unslash( $_GET['post_ids'] ) ) : null;
+		$action   = isset( $_GET['action'] ) ? sanitize_text_field( wp_unslash( $_GET['action'] ) ) : '';
 
 		if ( ! $post_ids ) {
 			wp_safe_redirect( esc_url_raw( menu_page_url( $this->plugin_slug . '_index', false ) ) );
@@ -81,16 +82,35 @@ public function build_page() {
 			}
 		}
 
-		// Populate $articles array with a set of valid posts.
-		$articles = [];
+		// Allow only specific actions.
+		if ( ! in_array( $action, [ 'apple_news_push_post', 'apple_news_delete_post' ], true ) ) {
+			wp_die( esc_html__( 'Invalid action.', 'apple-news' ), '', [ 'response' => 400 ] );
+		}
+
+		// Populate articles array with a set of valid posts.
+		$apple_posts = [];
 		foreach ( explode( ',', $post_ids ) as $post_id ) {
 			$post = get_post( (int) $post_id );
 
 			if ( ! empty( $post ) ) {
-				$articles[] = $post;
+				$apple_posts[] = $post;
 			}
 		}
 
+		// Override text within the partial depending on the action.
+		$apple_page_title       = match ( $action ) {
+			'apple_news_push_post' => __( 'Bulk Export Articles', 'apple-news' ),
+			'apple_news_delete_post' => __( 'Bulk Delete Articles', 'apple-news' ),
+		};
+		$apple_page_description = match ( $action ) {
+			'apple_news_push_post' => __( 'The following articles will be exported.', 'apple-news' ),
+			'apple_news_delete_post' => __( 'The following articles will be deleted.', 'apple-news' ),
+		};
+		$apple_submit_text      = match ( $action ) {
+			'apple_news_push_post' => __( 'Export', 'apple-news' ),
+			'apple_news_delete_post' => __( 'Delete', 'apple-news' ),
+		};
+
 		require_once __DIR__ . '/partials/page-bulk-export.php';
 	}
 
diff --git a/admin/partials/page-bulk-export.php b/admin/partials/page-bulk-export.php
index de923e5d..dd5747a2 100644
--- a/admin/partials/page-bulk-export.php
+++ b/admin/partials/page-bulk-export.php
@@ -2,17 +2,20 @@
 /**
  * Publish to Apple News partials: Bulk Export page template
  *
- * phpcs:disable VariableAnalysis.CodeAnalysis.VariableAnalysis.UndefinedVariable
- *
- * @global array $articles
- *
  * @package Apple_News
  */
 
+// Expect these variables to be defined in Admin_Apple_Bulk_Export_Page::build_page() but make sure they're set.
+$apple_page_title       ??= __( 'Bulk Export', 'apple-news' );
+$apple_page_description ??= __( 'The following articles will be affected.', 'apple-news' );
+$apple_posts            ??= [];
+$apple_submit_text      ??= __( 'Go', 'apple-news' );
+
 ?>
 <div class="wrap">
-	<h1><?php esc_html_e( 'Bulk Export Articles', 'apple-news' ); ?></h1>
-	<p><?php esc_html_e( "The following articles will be published to Apple News. Once started, it might take a while, please don't close the browser window.", 'apple-news' ); ?></p>
+	<h1><?php echo esc_html( $apple_page_title ); ?></h1>
+	<p><?php echo esc_html( $apple_page_description ); ?></p>
+	<p><?php esc_html_e( "Once started, it might take a while. Please don't close the browser window.", 'apple-news' ); ?></p>
 	<?php
 	/**
 	 * Allows for custom HTML to be printed before the bulk export table.
@@ -20,7 +23,7 @@
 	do_action( 'apple_news_before_bulk_export_table' );
 	?>
 	<ul class="bulk-export-list" data-nonce="<?php echo esc_attr( wp_create_nonce( Admin_Apple_Bulk_Export_Page::ACTION ) ); ?>">
-		<?php foreach ( $articles as $apple_post ) : ?>
+		<?php foreach ( $apple_posts as $apple_post ) : ?>
 		<li class="bulk-export-list-item" data-post-id="<?php echo esc_attr( $apple_post->ID ); ?>">
 			<span class="bulk-export-list-item-title">
 				<?php echo esc_html( $apple_post->post_title ); ?>
@@ -39,5 +42,5 @@
 	?>
 
 	<a class="button" href="<?php echo esc_url( menu_page_url( $this->plugin_slug . '_index', false ) ); ?>"><?php esc_html_e( 'Back', 'apple-news' ); ?></a>
-	<a class="button button-primary bulk-export-submit" href="#"><?php esc_html_e( 'Publish All', 'apple-news' ); ?></a>
+	<a class="button button-primary bulk-export-submit" href="#"><?php echo esc_html( $apple_submit_text ); ?></a>
 </div>

From 640f0d6588f4e43eac1ff24c4e84b2f4359f6f34 Mon Sep 17 00:00:00 2001
From: David Herrera <david@alley.com>
Date: Sun, 1 Dec 2024 23:48:44 -0500
Subject: [PATCH 09/12] Disable submit button after completion

---
 assets/js/bulk-export.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/assets/js/bulk-export.js b/assets/js/bulk-export.js
index 734f4ea4..51ae1552 100644
--- a/assets/js/bulk-export.js
+++ b/assets/js/bulk-export.js
@@ -7,6 +7,7 @@
 
 	function done() {
 		$submitButton.text( 'Done' );
+    $submitButton.attr( 'disabled', 'disabled' );
 	}
 
 	function pushItem( item, next, nonce ) {

From e70146381f629a5e0c36345ce0de072328f7a621 Mon Sep 17 00:00:00 2001
From: David Herrera <david@alley.com>
Date: Sun, 1 Dec 2024 23:54:20 -0500
Subject: [PATCH 10/12] Restore PHPCS ignores

---
 admin/class-admin-apple-bulk-export-page.php      | 11 ++++++-----
 admin/class-admin-apple-index-page.php            |  8 ++++----
 includes/apple-push-api/request/class-request.php |  2 +-
 3 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/admin/class-admin-apple-bulk-export-page.php b/admin/class-admin-apple-bulk-export-page.php
index 87554e0d..74731ef0 100644
--- a/admin/class-admin-apple-bulk-export-page.php
+++ b/admin/class-admin-apple-bulk-export-page.php
@@ -72,11 +72,12 @@ public function register_page() {
 	 * @access public
 	 */
 	public function build_page() {
-		$post_ids = isset( $_GET['post_ids'] ) ? sanitize_text_field( wp_unslash( $_GET['post_ids'] ) ) : null;
-		$action   = isset( $_GET['action'] ) ? sanitize_text_field( wp_unslash( $_GET['action'] ) ) : '';
+		$post_ids = isset( $_GET['post_ids'] ) ? sanitize_text_field( wp_unslash( $_GET['post_ids'] ) ) : null; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
+		$action   = isset( $_GET['action'] ) ? sanitize_text_field( wp_unslash( $_GET['action'] ) ) : ''; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
 
 		if ( ! $post_ids ) {
-			wp_safe_redirect( esc_url_raw( menu_page_url( $this->plugin_slug . '_index', false ) ) );
+			wp_safe_redirect( esc_url_raw( menu_page_url( $this->plugin_slug . '_index', false ) ) ); // phpcs:ignore WordPressVIPMinimum.Security.ExitAfterRedirect.NoExit
+
 			if ( ! defined( 'APPLE_NEWS_UNIT_TESTS' ) || ! APPLE_NEWS_UNIT_TESTS ) {
 				exit;
 			}
@@ -98,7 +99,7 @@ public function build_page() {
 		}
 
 		// Override text within the partial depending on the action.
-		$apple_page_title       = match ( $action ) {
+		$apple_page_title = match ( $action ) {
 			'apple_news_push_post' => __( 'Bulk Export Articles', 'apple-news' ),
 			'apple_news_delete_post' => __( 'Bulk Delete Articles', 'apple-news' ),
 		};
@@ -106,7 +107,7 @@ public function build_page() {
 			'apple_news_push_post' => __( 'The following articles will be exported.', 'apple-news' ),
 			'apple_news_delete_post' => __( 'The following articles will be deleted.', 'apple-news' ),
 		};
-		$apple_submit_text      = match ( $action ) {
+		$apple_submit_text = match ( $action ) {
 			'apple_news_push_post' => __( 'Export', 'apple-news' ),
 			'apple_news_delete_post' => __( 'Delete', 'apple-news' ),
 		};
diff --git a/admin/class-admin-apple-index-page.php b/admin/class-admin-apple-index-page.php
index 0f836765..80a99e9b 100644
--- a/admin/class-admin-apple-index-page.php
+++ b/admin/class-admin-apple-index-page.php
@@ -136,8 +136,8 @@ public function page_router() {
 				} else {
 					$url = menu_page_url( $this->plugin_slug . '_bulk_export', false );
 
-					if ( isset( $_GET['article'] ) ) {
-						$post_ids = is_array( $_GET['article'] ) ? array_map( 'intval', $_GET['article'] ) : (int) $_GET['article'];
+					if ( isset( $_GET['article'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended
+						$post_ids = is_array( $_GET['article'] ) ? array_map( 'intval', $_GET['article'] ) : (int) $_GET['article']; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
 						$url      = add_query_arg(
 							[
 								'action'   => 'apple_news_push_post',
@@ -161,8 +161,8 @@ public function page_router() {
 				} else {
 					$url = menu_page_url( $this->plugin_slug . '_bulk_export', false );
 
-					if ( isset( $_GET['article'] ) ) {
-						$post_ids = is_array( $_GET['article'] ) ? array_map( 'intval', $_GET['article'] ) : (int) $_GET['article'];
+					if ( isset( $_GET['article'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended
+						$post_ids = is_array( $_GET['article'] ) ? array_map( 'intval', $_GET['article'] ) : (int) $_GET['article']; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
 						$url      = add_query_arg(
 							[
 								'action'   => 'apple_news_delete_post',
diff --git a/includes/apple-push-api/request/class-request.php b/includes/apple-push-api/request/class-request.php
index 49e48f80..cf529209 100644
--- a/includes/apple-push-api/request/class-request.php
+++ b/includes/apple-push-api/request/class-request.php
@@ -372,7 +372,7 @@ private function request( $verb, $url, $data = [] ) {
 		}
 
 		if ( 'DELETE' === $verb ) {
-			$args['timeout'] = 5;
+			$args['timeout'] = 5; // phpcs:ignore WordPressVIPMinimum.Performance.RemoteRequestTimeout.timeout_timeout
 		}
 
 		/**

From 83b8bece248684d34167d92b7c58ce8ee403f7ee Mon Sep 17 00:00:00 2001
From: David Herrera <david@alley.com>
Date: Tue, 3 Dec 2024 01:14:54 -0500
Subject: [PATCH 11/12] Spacin'

---
 assets/js/bulk-export.js | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/assets/js/bulk-export.js b/assets/js/bulk-export.js
index 51ae1552..c9d71e16 100644
--- a/assets/js/bulk-export.js
+++ b/assets/js/bulk-export.js
@@ -2,12 +2,12 @@
 	'use strict';
 
 	var started = false,
-    searchParams = new URLSearchParams( window.location.search ),
-    $submitButton = $( '.bulk-export-submit' );
+		searchParams = new URLSearchParams( window.location.search ),
+		$submitButton = $( '.bulk-export-submit' );
 
 	function done() {
 		$submitButton.text( 'Done' );
-    $submitButton.attr( 'disabled', 'disabled' );
+		$submitButton.attr( 'disabled', 'disabled' );
 	}
 
 	function pushItem( item, next, nonce ) {

From 0ab4d9c8551b19a510fd9ce54bec8d0d358981b1 Mon Sep 17 00:00:00 2001
From: David Herrera <david@alley.com>
Date: Tue, 3 Dec 2024 23:14:05 -0500
Subject: [PATCH 12/12] Undo button text change

---
 admin/class-admin-apple-bulk-export-page.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/admin/class-admin-apple-bulk-export-page.php b/admin/class-admin-apple-bulk-export-page.php
index 74731ef0..91eba186 100644
--- a/admin/class-admin-apple-bulk-export-page.php
+++ b/admin/class-admin-apple-bulk-export-page.php
@@ -108,8 +108,8 @@ public function build_page() {
 			'apple_news_delete_post' => __( 'The following articles will be deleted.', 'apple-news' ),
 		};
 		$apple_submit_text = match ( $action ) {
-			'apple_news_push_post' => __( 'Export', 'apple-news' ),
-			'apple_news_delete_post' => __( 'Delete', 'apple-news' ),
+			'apple_news_push_post' => __( 'Publish All', 'apple-news' ),
+			'apple_news_delete_post' => __( 'Delete All', 'apple-news' ),
 		};
 
 		require_once __DIR__ . '/partials/page-bulk-export.php';