Skip to content

Embed URL

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
WordPress unit test to verify that slashed data is saved properly for comments
<?php
/**
* @group comment
* @group slashes
*/
class Tests_Comment_Slashes extends WP_UnitTestCase {
function setUp() {
parent::setUp();
// we need an admin user to bypass comment flood protection
$this->author_id = $this->factory->user->create( array( 'role' => 'administrator' ) );
$this->old_current_user = get_current_user_id();
wp_set_current_user( $this->author_id );
// it is important to test with both even and odd numbered slashes as
// kses does a strip-then-add slashes in some of it's function calls
$this->slash_1 = 'String with 1 slash \\';
$this->slash_2 = 'String with 2 slashes \\\\';
$this->slash_3 = 'String with 3 slashes \\\\\\';
$this->slash_4 = 'String with 4 slashes \\\\\\\\';
$this->slash_5 = 'String with 5 slashes \\\\\\\\\\';
$this->slash_6 = 'String with 6 slashes \\\\\\\\\\\\';
$this->slash_7 = 'String with 7 slashes \\\\\\\\\\\\\\';
}
function tearDown() {
wp_set_current_user( $this->old_current_user );
parent::tearDown();
}
/**
* Tests the extended model function that expects un-slashed data
*
*/
function test_wp_new_comment() {
$post_id = $this->factory->post->create();
// not testing comment_author_email or comment_author_url
// as slashes are not permitted in that data
$data = array(
'comment_post_ID' => $post_id,
'comment_author' => $this->slash_1,
'comment_content' => $this->slash_7,
);
$id = wp_new_comment( $data );
$comment = get_comment($id);
$this->assertEquals( $this->slash_1, $comment->comment_author );
$this->assertEquals( $this->slash_7, $comment->comment_content );
$data = array(
'comment_post_ID' => $post_id,
'comment_author' => $this->slash_2,
'comment_content' => $this->slash_4,
);
$id = wp_new_comment( $data );
$comment = get_comment($id);
$this->assertEquals( $this->slash_2, $comment->comment_author );
$this->assertEquals( $this->slash_4, $comment->comment_content );
}
/**
* Tests the controller function that expects slashed data
*
*/
function test_edit_comment() {
$post_id = $this->factory->post->create();
$comment_id = $this->factory->comment->create(array(
'comment_post_ID' => $post_id
));
// not testing comment_author_email or comment_author_url
// as slashes are not permitted in that data
$_POST = array();
$_POST['comment_ID'] = $comment_id;
$_POST['newcomment_author'] = $this->slash_1;
$_POST['content'] = $this->slash_7;
$_POST = add_magic_quotes( $_POST );
edit_comment();
$comment = get_comment( $comment_id );
$this->assertEquals( $this->slash_1, $comment->comment_author );
$this->assertEquals( $this->slash_7, $comment->comment_content );
$_POST = array();
$_POST['comment_ID'] = $comment_id;
$_POST['newcomment_author'] = $this->slash_2;
$_POST['content'] = $this->slash_4;
$_POST = add_magic_quotes( $_POST );
edit_comment();
$comment = get_comment( $comment_id );
$this->assertEquals( $this->slash_2, $comment->comment_author );
$this->assertEquals( $this->slash_4, $comment->comment_content );
}
/**
* Tests the model function that expects un-slashed data
*
*/
function test_wp_insert_comment() {
$post_id = $this->factory->post->create();
$comment_id = wp_insert_comment(array(
'comment_post_ID' => $post_id,
'comment_author' => $this->slash_1,
'comment_content' => $this->slash_7,
));
$comment = get_comment( $comment_id );
$this->assertEquals( $this->slash_1, $comment->comment_author );
$this->assertEquals( $this->slash_7, $comment->comment_content );
$comment_id = wp_insert_comment(array(
'comment_post_ID' => $post_id,
'comment_author' => $this->slash_2,
'comment_content' => $this->slash_4,
));
$comment = get_comment( $comment_id );
$this->assertEquals( $this->slash_2, $comment->comment_author );
$this->assertEquals( $this->slash_4, $comment->comment_content );
}
/**
* Tests the model function that expects un-slashed data
*
*/
function test_wp_update_comment() {
$post_id = $this->factory->post->create();
$comment_id = $this->factory->comment->create(array(
'comment_post_ID' => $post_id
));
wp_update_comment(array(
'comment_ID' => $comment_id,
'comment_author' => $this->slash_1,
'comment_content' => $this->slash_7,
));
$comment = get_comment( $comment_id );
$this->assertEquals( $this->slash_1, $comment->comment_author );
$this->assertEquals( $this->slash_7, $comment->comment_content );
wp_update_comment(array(
'comment_ID' => $comment_id,
'comment_author' => $this->slash_2,
'comment_content' => $this->slash_4,
));
$comment = get_comment( $comment_id );
$this->assertEquals( $this->slash_2, $comment->comment_author );
$this->assertEquals( $this->slash_4, $comment->comment_content );
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.