vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-04-03 12:14:25 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Improve sanitization of 'name' param in get_terms().

Browse Source 
Values of 'name' that contain db-encoded character on insert - like an
ampersand, which is HTML-encoded in the database - will only match if they go
through the same `sanitize_term_field()` routine.

Fixes #32248.

git-svn-id: https://develop.svn.wordpress.org/trunk@32353 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Boone Gorges
2015-05-05 11:13:51 +00:00
parent 3ca1ff6b72
commit 1efe303ebf
2 changed files with 33 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
tests/phpunit/tests/term/getTerms.php
View File

@@ -540,6 +540,34 @@ class Tests_Term_getTerms extends WP_UnitTestCase {
$this->assertEqualSets( array( $t3, $t1 ), $found );
}
/**
* @ticket 32248
*/
public function test_name_should_match_encoded_html_entities() {
register_taxonomy( 'wptests_tax', 'post' );
$t = $this->factory->term->create( array(
'taxonomy' => 'wptests_tax',
'name' => 'Foo & Bar',
'slug' => 'foo-and-bar',
) );
$found = get_terms( 'wptests_tax', array(
'hide_empty' => false,
'fields' => 'ids',
'name' => 'Foo & Bar',
) );
$this->assertEqualSets( array( $t ), $found );
// array format.
$found = get_terms( 'wptests_tax', array(
'hide_empty' => false,
'fields' => 'ids',
'name' => array( 'Foo & Bar' ),
) );
$this->assertEqualSets( array( $t ), $found );
}
/**
* @ticket 29839
*/