Hooks/RestrictedHooks: bug fix - quotes within a hook name would be stripped

Use PHPCSUtils `TextStrings::stripQuotes()` to only strip surrounding quotes and not remove any quotes potentially present _within_ the text string.

Includes tests.

Author: jrfnl

WordPressVIPMinimum/Sniffs/Hooks/RestrictedHooksSniff.php

@@ -12,6 +12,7 @@
 use PHP_CodeSniffer\Util\Tokens;
 use PHPCSUtils\Utils\MessageHelper;
 use PHPCSUtils\Utils\PassedParameters;
+use PHPCSUtils\Utils\TextStrings;
 use WordPressCS\WordPress\AbstractFunctionParameterSniff;
 
 /**
@@ -129,7 +130,7 @@ private function normalize_hook_name_from_parameter( $parameter ) {
 		$hook_name = '';
 		for ( $i = $parameter['start']; $i <= $parameter['end']; $i++ ) {
 			if ( $this->tokens[ $i ]['code'] === T_CONSTANT_ENCAPSED_STRING ) {
-				$hook_name .= str_replace( [ "'", '"' ], '', $this->tokens[ $i ]['content'] );
+				$hook_name .= TextStrings::stripQuotes( $this->tokens[ $i ]['content'] );
 			}
 		}
 

WordPressVIPMinimum/Tests/Hooks/RestrictedHooksUnitTest.inc

@@ -78,3 +78,7 @@ add_filter('do_' . 'robots' . 'txt', 'bad_example_function'); // Warning.
 // Ignore partially dynamic hook names.
 add_filter( 'robots_' . $something . 'txt' , $callback); // OK, ignored as undetermined.
 add_filter( 'http_request_timeout' . $something, $callback); // OK, ignored as undetermined.
+
+// Ensure quote stripping is done correctly.
+add_filter( 'upload"_mimes', 'bad_example_function' ); // OK, not a filter we're looking for.
+add_filter( "upload_'mimes", 'bad_example_function' ); // OK, not a filter we're looking for.