Administration: Ensure that admin referer nonce is valid.

Coding standards, ensure that nonce is valid with identical, rather then equal operator.

Props vortfu, xknown, whyisjake.


git-svn-id: https://develop.svn.wordpress.org/trunk@46477 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Jake Spurlock
2019-10-14 15:38:14 +00:00
parent f06c6bb20c
commit f53a78fda7
2 changed files with 13 additions and 3 deletions

View File

@@ -24,7 +24,7 @@ class Tests_Auth extends WP_UnitTestCase {
self::$user_id = self::$_user->ID;
require_once( ABSPATH . WPINC . '/class-phpass.php' );
require_once ABSPATH . WPINC . '/class-phpass.php';
self::$wp_hasher = new PasswordHash( 8, true );
}
@@ -165,6 +165,16 @@ class Tests_Auth extends WP_UnitTestCase {
unset( $_REQUEST['_wpnonce'] );
}
public function test_check_admin_referer_with_default_action_as_string_not_doing_it_wrong() {
$this->setExpectedIncorrectUsage( 'check_admin_referer' );
// A valid nonce needs to be set so the check doesn't die()
$_REQUEST['_wpnonce'] = wp_create_nonce( '-1' );
$result = check_admin_referer( '-1' );
$this->assertSame( 1, $result );
unset( $_REQUEST['_wpnonce'] );
}
/**
* @ticket 36361
*/