sergiotarxz/Wordpress
sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

User Settings: allow dashes in get|set_user_setting() in PHP and get|setUserSetting() in JS.

Browse Source 
Add unit tests - there were none. Mock `set_user_setting()` since it won't run due to `headers_sent()` being `true`.

Fixes #22781.


git-svn-id: https://develop.svn.wordpress.org/trunk@33840 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Scott Taylor 2015-09-01 03:56:44 +00:00
parent 3710226cf4
commit 99c34d57c1
3 changed files with 54 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/wp-includes/js/utils.js
View File

@ -161,12 +161,12 @@ function setUserSetting( name, value, _del ) {
path = userSettings.url,
secure = !! userSettings.secure;
name = name.toString().replace( /[^A-Za-z0-9_]/, '' );
name = name.toString().replace( /[^A-Za-z0-9_-]/, '' );
if ( typeof value === 'number' ) {
value = parseInt( value, 10 );
} else {
value = value.toString().replace( /[^A-Za-z0-9_]/, '' );
value = value.toString().replace( /[^A-Za-z0-9_-]/, '' );
}
settings = settings || {};

6
src/wp-includes/option.php
View File

@ -900,7 +900,7 @@ function get_all_user_settings() {
$user_settings = array();
if ( isset( $_COOKIE['wp-settings-' . $user_id] ) ) {
$cookie = preg_replace( '/[^A-Za-z0-9=&_]/', '', $_COOKIE['wp-settings-' . $user_id] );
$cookie = preg_replace( '/[^A-Za-z0-9=&_-]/', '', $_COOKIE['wp-settings-' . $user_id] );
if ( strpos( $cookie, '=' ) ) { // '=' cannot be 1st char
parse_str( $cookie, $user_settings );
@ -940,8 +940,8 @@ function wp_set_all_user_settings( $user_settings ) {
$settings = '';
foreach ( $user_settings as $name => $value ) {
$_name = preg_replace( '/[^A-Za-z0-9_]+/', '', $name );
$_value = preg_replace( '/[^A-Za-z0-9_]+/', '', $value );
$_name = preg_replace( '/[^A-Za-z0-9_-]+/', '', $name );
$_value = preg_replace( '/[^A-Za-z0-9_-]+/', '', $value );
if ( ! empty( $_name ) ) {
$settings .= $_name . '=' . $_value . '&';

49
tests/phpunit/tests/option/userSettings.php Normal file
View File

@ -0,0 +1,49 @@
<?php
class Tests_User_Settings extends WP_UnitTestCase {
protected $user_id;
function setUp() {
parent::setUp();
$this->user_id = $this->factory->user->create( array(
'role' => 'administrator'
) );
wp_set_current_user( $this->user_id );
}
function tearDown() {
unset( $GLOBALS['_updated_user_settings'] );
delete_user_option( $this->user_id, 'user-settings' );
parent::tearDown();
}
function test_set_user_setting() {
$foo = get_user_setting( 'foo' );
$this->assertEmpty( $foo );
$this->set_user_setting( 'foo', 'bar' );
$this->assertEquals( 'bar', get_user_setting( 'foo' ) );
}
function test_set_user_setting_dashes() {
$foo = get_user_setting( 'foo' );
$this->assertEmpty( $foo );
$this->set_user_setting( 'foo', 'foo-bar' );
$this->assertEquals( 'foo-bar', get_user_setting( 'foo' ) );
}
// set_user_setting bails if `headers_sent()` is true
function set_user_setting( $name, $value ) {
$all_user_settings = get_all_user_settings();
$all_user_settings[ $name ] = $value;
return wp_set_all_user_settings( $all_user_settings );
}
}