mirror of
https://github.com/gosticks/wordpress-develop.git
synced 2025-10-16 12:05:38 +00:00
8f95800d52
WordPress' code just... wasn't. This is now dealt with. Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS. Fixes #41057. git-svn-id: https://develop.svn.wordpress.org/trunk@42343 602fd350-edb4-49c9-b593-d223f7449a82
177 lines
5.4 KiB
PHP
177 lines
5.4 KiB
PHP
<?php
|
|
|
|
/**
|
|
* @group comment
|
|
* @group slashes
|
|
* @ticket 21767
|
|
*/
|
|
class Tests_Comment_Slashes extends WP_UnitTestCase {
|
|
function setUp() {
|
|
parent::setUp();
|
|
// we need an admin user to bypass comment flood protection
|
|
$this->author_id = self::factory()->user->create( array( 'role' => 'administrator' ) );
|
|
wp_set_current_user( $this->author_id );
|
|
|
|
// it is important to test with both even and odd numbered slashes as
|
|
// kses does a strip-then-add slashes in some of its function calls
|
|
$this->slash_1 = 'String with 1 slash \\';
|
|
$this->slash_2 = 'String with 2 slashes \\\\';
|
|
$this->slash_3 = 'String with 3 slashes \\\\\\';
|
|
$this->slash_4 = 'String with 4 slashes \\\\\\\\';
|
|
$this->slash_5 = 'String with 5 slashes \\\\\\\\\\';
|
|
$this->slash_6 = 'String with 6 slashes \\\\\\\\\\\\';
|
|
$this->slash_7 = 'String with 7 slashes \\\\\\\\\\\\\\';
|
|
}
|
|
|
|
/**
|
|
* Tests the extended model function that expects slashed data
|
|
*/
|
|
function test_wp_new_comment() {
|
|
$post_id = self::factory()->post->create();
|
|
|
|
// not testing comment_author_email or comment_author_url
|
|
// as slashes are not permitted in that data
|
|
$data = array(
|
|
'comment_post_ID' => $post_id,
|
|
'comment_author' => $this->slash_1,
|
|
'comment_author_url' => '',
|
|
'comment_author_email' => '',
|
|
'comment_type' => '',
|
|
'comment_content' => $this->slash_7,
|
|
);
|
|
$id = wp_new_comment( $data );
|
|
|
|
$comment = get_comment( $id );
|
|
|
|
$this->assertEquals( wp_unslash( $this->slash_1 ), $comment->comment_author );
|
|
$this->assertEquals( wp_unslash( $this->slash_7 ), $comment->comment_content );
|
|
|
|
$data = array(
|
|
'comment_post_ID' => $post_id,
|
|
'comment_author' => $this->slash_2,
|
|
'comment_author_url' => '',
|
|
'comment_author_email' => '',
|
|
'comment_type' => '',
|
|
'comment_content' => $this->slash_4,
|
|
);
|
|
$id = wp_new_comment( $data );
|
|
|
|
$comment = get_comment( $id );
|
|
|
|
$this->assertEquals( wp_unslash( $this->slash_2 ), $comment->comment_author );
|
|
$this->assertEquals( wp_unslash( $this->slash_4 ), $comment->comment_content );
|
|
}
|
|
|
|
/**
|
|
* Tests the controller function that expects slashed data
|
|
*/
|
|
function test_edit_comment() {
|
|
$post_id = self::factory()->post->create();
|
|
$comment_id = self::factory()->comment->create(
|
|
array(
|
|
'comment_post_ID' => $post_id,
|
|
)
|
|
);
|
|
|
|
// not testing comment_author_email or comment_author_url
|
|
// as slashes are not permitted in that data
|
|
$_POST = array();
|
|
$_POST['comment_ID'] = $comment_id;
|
|
$_POST['comment_status'] = '';
|
|
$_POST['newcomment_author'] = $this->slash_1;
|
|
$_POST['newcomment_author_url'] = '';
|
|
$_POST['newcomment_author_email'] = '';
|
|
$_POST['content'] = $this->slash_7;
|
|
$_POST = add_magic_quotes( $_POST );
|
|
|
|
edit_comment();
|
|
$comment = get_comment( $comment_id );
|
|
|
|
$this->assertEquals( $this->slash_1, $comment->comment_author );
|
|
$this->assertEquals( $this->slash_7, $comment->comment_content );
|
|
|
|
$_POST = array();
|
|
$_POST['comment_ID'] = $comment_id;
|
|
$_POST['comment_status'] = '';
|
|
$_POST['newcomment_author'] = $this->slash_2;
|
|
$_POST['newcomment_author_url'] = '';
|
|
$_POST['newcomment_author_email'] = '';
|
|
$_POST['content'] = $this->slash_4;
|
|
$_POST = add_magic_quotes( $_POST );
|
|
|
|
edit_comment();
|
|
$comment = get_comment( $comment_id );
|
|
|
|
$this->assertEquals( $this->slash_2, $comment->comment_author );
|
|
$this->assertEquals( $this->slash_4, $comment->comment_content );
|
|
}
|
|
|
|
/**
|
|
* Tests the model function that expects slashed data
|
|
*/
|
|
function test_wp_insert_comment() {
|
|
$post_id = self::factory()->post->create();
|
|
|
|
$comment_id = wp_insert_comment(
|
|
array(
|
|
'comment_post_ID' => $post_id,
|
|
'comment_author' => $this->slash_1,
|
|
'comment_content' => $this->slash_7,
|
|
)
|
|
);
|
|
$comment = get_comment( $comment_id );
|
|
|
|
$this->assertEquals( wp_unslash( $this->slash_1 ), $comment->comment_author );
|
|
$this->assertEquals( wp_unslash( $this->slash_7 ), $comment->comment_content );
|
|
|
|
$comment_id = wp_insert_comment(
|
|
array(
|
|
'comment_post_ID' => $post_id,
|
|
'comment_author' => $this->slash_2,
|
|
'comment_content' => $this->slash_4,
|
|
)
|
|
);
|
|
$comment = get_comment( $comment_id );
|
|
|
|
$this->assertEquals( wp_unslash( $this->slash_2 ), $comment->comment_author );
|
|
$this->assertEquals( wp_unslash( $this->slash_4 ), $comment->comment_content );
|
|
}
|
|
|
|
/**
|
|
* Tests the model function that expects slashed data
|
|
*/
|
|
function test_wp_update_comment() {
|
|
$post_id = self::factory()->post->create();
|
|
$comment_id = self::factory()->comment->create(
|
|
array(
|
|
'comment_post_ID' => $post_id,
|
|
)
|
|
);
|
|
|
|
wp_update_comment(
|
|
array(
|
|
'comment_ID' => $comment_id,
|
|
'comment_author' => $this->slash_1,
|
|
'comment_content' => $this->slash_7,
|
|
)
|
|
);
|
|
$comment = get_comment( $comment_id );
|
|
|
|
$this->assertEquals( wp_unslash( $this->slash_1 ), $comment->comment_author );
|
|
$this->assertEquals( wp_unslash( $this->slash_7 ), $comment->comment_content );
|
|
|
|
wp_update_comment(
|
|
array(
|
|
'comment_ID' => $comment_id,
|
|
'comment_author' => $this->slash_2,
|
|
'comment_content' => $this->slash_4,
|
|
)
|
|
);
|
|
$comment = get_comment( $comment_id );
|
|
|
|
$this->assertEquals( wp_unslash( $this->slash_2 ), $comment->comment_author );
|
|
$this->assertEquals( wp_unslash( $this->slash_4 ), $comment->comment_content );
|
|
}
|
|
|
|
}
|