vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-06-28 14:20:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Customize: Prevent auto-draft post/page stubs from being saved with empty slugs or published with non-unique slugs.

Browse Source 
* Allow `WP_Customize_Nav_Menus::insert_auto_draft_post()` to take full post array to pass to `wp_insert_post()`, except for `post_status`. Require `post_title`. 
* Ensure empty `post_name` gets explicitly set to slugified `post_title`.
* Explicitly allow only `post_type` and `post_title` params in `WP_Customize_Nav_Menus::ajax_insert_auto_draft_post()`.
* Use `wp_update_post()` instead of `wp_publish_post()` to ensure unique slugs are assigned to published auto-draft posts.
* Re-use `WP_Customize_Nav_Menus::insert_auto_draft_post()` when inserting stubs from starter content.
 
See #38114, #38013, #34923.
Fixes #38539.


git-svn-id: https://develop.svn.wordpress.org/trunk@39038 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Weston Ruter
2016-10-30 20:20:54 +00:00
parent 32c7696700
commit 4de2e30bb4
4 changed files with 73 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
tests/phpunit/tests/ajax/CustomizeMenus.php
View File

@@ -547,6 +547,10 @@ class Tests_Ajax_CustomizeMenus extends WP_Ajax_UnitTestCase {
$this->assertTrue( $response['success'] );
$this->assertArrayHasKey( 'post_id', $response['data'] );
$this->assertArrayHasKey( 'url', $response['data'] );
$post = get_post( $response['data']['post_id'] );
$this->assertEquals( 'Hello World', $post->post_title );
$this->assertEquals( 'post', $post->post_type );
$this->assertEquals( 'hello-world', $post->post_name );
}
/**
@@ -635,5 +639,21 @@ class Tests_Ajax_CustomizeMenus extends WP_Ajax_UnitTestCase {
$response = json_decode( $this->_last_response, true );
$this->assertFalse( $response['success'] );
$this->assertEquals( 'missing_post_title', $response['data'] );
// illegal_params.
$_POST = wp_slash( array(
'customize-menus-nonce' => wp_create_nonce( 'customize-menus' ),
'params' => array(
'post_type' => 'post',
'post_title' => 'OK',
'post_name' => 'bad',
'post_content' => 'bad',
),
) );
$this->_last_response = '';
$this->make_ajax_call( 'customize-nav-menus-insert-auto-draft' );
$response = json_decode( $this->_last_response, true );
$this->assertFalse( $response['success'] );
$this->assertEquals( 'illegal_params', $response['data'] );
}
}

19
tests/phpunit/tests/customize/nav-menus.php
View File

@@ -542,11 +542,22 @@ class Test_WP_Customize_Nav_Menus extends WP_UnitTestCase {
$this->assertInstanceOf( 'WP_Error', $r );
$this->assertEquals( 'unknown_post_type', $r->get_error_code() );
$r = $menus->insert_auto_draft_post( array( 'post_status' => 'publish', 'post_title' => 'Bad', 'post_type' => 'post' ) );
$this->assertInstanceOf( 'WP_Error', $r );
$this->assertEquals( 'status_forbidden', $r->get_error_code() );
$r = $menus->insert_auto_draft_post( array( 'post_title' => 'Hello World', 'post_type' => 'post' ) );
$this->assertInstanceOf( 'WP_Post', $r );
$this->assertEquals( 'Hello World', $r->post_title );
$this->assertEquals( 'hello-world', $r->post_name );
$this->assertEquals( 'post', $r->post_type );
$this->assertEquals( sanitize_title( $r->post_title ), $r->post_name );
$r = $menus->insert_auto_draft_post( array( 'post_title' => 'Hello World', 'post_type' => 'post', 'post_name' => 'greetings-world', 'post_content' => 'Hi World' ) );
$this->assertInstanceOf( 'WP_Post', $r );
$this->assertEquals( 'Hello World', $r->post_title );
$this->assertEquals( 'post', $r->post_type );
$this->assertEquals( 'greetings-world', $r->post_name );
$this->assertEquals( 'Hi World', $r->post_content );
}
/**
@@ -731,6 +742,7 @@ class Test_WP_Customize_Nav_Menus extends WP_UnitTestCase {
$post_ids = $this->factory()->post->create_many( 3, array(
'post_status' => 'auto-draft',
'post_type' => 'post',
'post_name' => 'auto-draft',
) );
$pre_published_post_id = $this->factory()->post->create( array( 'post_status' => 'publish' ) );
@@ -750,6 +762,11 @@ class Test_WP_Customize_Nav_Menus extends WP_UnitTestCase {
foreach ( $post_ids as $post_id ) {
$this->assertEquals( 'publish', get_post_status( $post_id ) );
}
// Ensure that unique slugs were assigned.
$posts = array_map( 'get_post', $post_ids );
$post_names = wp_list_pluck( $posts, 'post_name' );
$this->assertEqualSets( $post_names, array_unique( $post_names ) );
}
/**