Previously, a 'user_nicename' parameter passed into the function was
unsanitized. This could result in a mismatch between the sanitized nicename
generated automatically at user creation, resulting in broken author archive
permalinks.
Props joemcgill.
Fixes#29696.
git-svn-id: https://develop.svn.wordpress.org/trunk@29819 602fd350-edb4-49c9-b593-d223f7449a82
* Exhaustive tests for publicly available functionality of WP_Tax_Query.
* For tests that are related to the tax_query argument as used in WP_Query, move to tests/post/query.php.
* Add some tax_query tests to cover single vs multiple queries using AND and OR; various values for 'field'; various values for 'operator'.
* Improve test names.
* Correct @group annotations.
* Improve performance of some WP_Query-related tests by declaring 'update_post_meta/term_cache' false.
Fixes#29718
git-svn-id: https://develop.svn.wordpress.org/trunk@29805 602fd350-edb4-49c9-b593-d223f7449a82
* More complete test coverage for publicly available methods of WP_Meta_Query.
* Move tests that rely on WP_Query (via the meta_query parameter) to tests/post/query.php.
* Better coverage for basic use cases of 'meta_query', including all values of 'compare' and default values of 'key', 'value', and 'compare'.
* Improve performance for tests that run WP_Query, by retrieving only post IDs and not prefetching postmeta and post terms.
* Add 'public' visibility keywords to test methods.
* Whitespace cleanup.
Fixes#29560
git-svn-id: https://develop.svn.wordpress.org/trunk@29799 602fd350-edb4-49c9-b593-d223f7449a82
These include an exhaustive set of tests for term_exists(), as well as tests
for wp_insert_term() that demonstrate failure when attempting to create a
duplicate term.
Props simonwheatley for an initial patch.
See #22023.
git-svn-id: https://develop.svn.wordpress.org/trunk@29798 602fd350-edb4-49c9-b593-d223f7449a82
* Don't run non-numeric values through intval() for sanitization; this transforms them into 1s and 0s, which can cause unintended results.
* Be more generous about numeric array keys (don't require 0 and 1) in BETWEEN and NOT BETWEEN clauses.
Fixes#29801.
git-svn-id: https://develop.svn.wordpress.org/trunk@29797 602fd350-edb4-49c9-b593-d223f7449a82
- Unit tests for all publicly available functionality in WP_Date_Query
- Improve performance of date_query tests that use WP_Query
Fixes#29781
git-svn-id: https://develop.svn.wordpress.org/trunk@29793 602fd350-edb4-49c9-b593-d223f7449a82
* Revert parts of [28773] and [28727] and [29748].
* Do not crash PHP. Make the shortcode quantifier possessive to avoid backtracks.
* Reduce backtracking in long HTML comments by 100x.
* Do not ignore unclosed HTML comments.
* Do not break unregistered shortcodes, e.g. `[hello attr="value"]`.
* Do not break HTML in shortcode attributes, e.g. `[hello attr="<"]`.
* Do not match for shortcodes when there is extra whitespace, e.g. `[ hello ]`.
* Add unit tests to show #12690 was not fully resolved.
* Tested PHP 5.2.4, 5.2.13, 5.4.32, and 5.5.8.
Adds/modifies unit tests.
Props miqrogroove.
See #29557.
git-svn-id: https://develop.svn.wordpress.org/trunk@29781 602fd350-edb4-49c9-b593-d223f7449a82
Adds unit tests that use `DOMDocument` since `assertTag` is being deprecated - see #29545, [29746].
Props obenland, wonderboymusic.
Fixes#29636.
git-svn-id: https://develop.svn.wordpress.org/trunk@29780 602fd350-edb4-49c9-b593-d223f7449a82
The shortcode callbacks for `gallery` and `playlist` check for `'RAND' == $atts['order']`, which isn't a valid value for `order`. Remove those checks and update the docs.
In `WP_Query`, if the value of `orderby` is `rand`, `order` is irrelevant and should be unset.
Adds unit tests.
Fixes#29629.
git-svn-id: https://develop.svn.wordpress.org/trunk@29760 602fd350-edb4-49c9-b593-d223f7449a82
* Expand the `wptexturize()` RegEx to include the list of registered shortcodes.
* Avoid backtracking after `[` chars by not filtering params in registered shortcodes. This will cause escaped shortcodes and their params to become texturized if not registered.
* Registered shortcode params will never be texturized, even when escaped.
* Move all tests involving unregistered shortcodes to a new and improved unit.
* Update one test involving HTML within shortcode params.
Props miqrogroove.
See #29557.
git-svn-id: https://develop.svn.wordpress.org/trunk@29748 602fd350-edb4-49c9-b593-d223f7449a82
Introduces a new get( $token ) method. get_token() would not have made sense and spurred the overall renaming. Public methods are now get, get_all, verify, create, update, destroy, destroy_others, and destroy_all.
The protected abstract methods designed for alternative implementations remain the same.
props mdawaffe.
see #20276.
git-svn-id: https://develop.svn.wordpress.org/trunk@29635 602fd350-edb4-49c9-b593-d223f7449a82
Sessions are stored in usermeta via WP_User_Meta_Session_Tokens, which extends the abstract WP_Session_Tokens class. Extending WP_Session_Tokens can allow for alternative storage, such as a separate table or Redis.
Introduces some simple APIs for session listing and destruction, such as wp_get_active_sessions() and wp_destroy_all_sessions().
This invalidates all existing authentication cookies, as a new segment (the session token) has been added to them.
props duck_, nacin, mdawaffe.
see #20276.
git-svn-id: https://develop.svn.wordpress.org/trunk@29221 602fd350-edb4-49c9-b593-d223f7449a82