/wp-test-comment-slash.php
Created Sep 20, 2012
WordPress unit test to verify that slashed data is saved properly for comments
| <?php | |
| /** | |
| * @group comment | |
| * @group slashes | |
| */ | |
| class Tests_Comment_Slashes extends WP_UnitTestCase { | |
| function setUp() { | |
| parent::setUp(); | |
| // we need an admin user to bypass comment flood protection | |
| $this->author_id = $this->factory->user->create( array( 'role' => 'administrator' ) ); | |
| $this->old_current_user = get_current_user_id(); | |
| wp_set_current_user( $this->author_id ); | |
| // it is important to test with both even and odd numbered slashes as | |
| // kses does a strip-then-add slashes in some of it's function calls | |
| $this->slash_1 = 'String with 1 slash \\'; | |
| $this->slash_2 = 'String with 2 slashes \\\\'; | |
| $this->slash_3 = 'String with 3 slashes \\\\\\'; | |
| $this->slash_4 = 'String with 4 slashes \\\\\\\\'; | |
| $this->slash_5 = 'String with 5 slashes \\\\\\\\\\'; | |
| $this->slash_6 = 'String with 6 slashes \\\\\\\\\\\\'; | |
| $this->slash_7 = 'String with 7 slashes \\\\\\\\\\\\\\'; | |
| } | |
| function tearDown() { | |
| wp_set_current_user( $this->old_current_user ); | |
| parent::tearDown(); | |
| } | |
| /** | |
| * Tests the extended model function that expects un-slashed data | |
| * | |
| */ | |
| function test_wp_new_comment() { | |
| $post_id = $this->factory->post->create(); | |
| // not testing comment_author_email or comment_author_url | |
| // as slashes are not permitted in that data | |
| $data = array( | |
| 'comment_post_ID' => $post_id, | |
| 'comment_author' => $this->slash_1, | |
| 'comment_content' => $this->slash_7, | |
| ); | |
| $id = wp_new_comment( $data ); | |
| $comment = get_comment($id); | |
| $this->assertEquals( $this->slash_1, $comment->comment_author ); | |
| $this->assertEquals( $this->slash_7, $comment->comment_content ); | |
| $data = array( | |
| 'comment_post_ID' => $post_id, | |
| 'comment_author' => $this->slash_2, | |
| 'comment_content' => $this->slash_4, | |
| ); | |
| $id = wp_new_comment( $data ); | |
| $comment = get_comment($id); | |
| $this->assertEquals( $this->slash_2, $comment->comment_author ); | |
| $this->assertEquals( $this->slash_4, $comment->comment_content ); | |
| } | |
| /** | |
| * Tests the controller function that expects slashed data | |
| * | |
| */ | |
| function test_edit_comment() { | |
| $post_id = $this->factory->post->create(); | |
| $comment_id = $this->factory->comment->create(array( | |
| 'comment_post_ID' => $post_id | |
| )); | |
| // not testing comment_author_email or comment_author_url | |
| // as slashes are not permitted in that data | |
| $_POST = array(); | |
| $_POST['comment_ID'] = $comment_id; | |
| $_POST['newcomment_author'] = $this->slash_1; | |
| $_POST['content'] = $this->slash_7; | |
| $_POST = add_magic_quotes( $_POST ); | |
| edit_comment(); | |
| $comment = get_comment( $comment_id ); | |
| $this->assertEquals( $this->slash_1, $comment->comment_author ); | |
| $this->assertEquals( $this->slash_7, $comment->comment_content ); | |
| $_POST = array(); | |
| $_POST['comment_ID'] = $comment_id; | |
| $_POST['newcomment_author'] = $this->slash_2; | |
| $_POST['content'] = $this->slash_4; | |
| $_POST = add_magic_quotes( $_POST ); | |
| edit_comment(); | |
| $comment = get_comment( $comment_id ); | |
| $this->assertEquals( $this->slash_2, $comment->comment_author ); | |
| $this->assertEquals( $this->slash_4, $comment->comment_content ); | |
| } | |
| /** | |
| * Tests the model function that expects un-slashed data | |
| * | |
| */ | |
| function test_wp_insert_comment() { | |
| $post_id = $this->factory->post->create(); | |
| $comment_id = wp_insert_comment(array( | |
| 'comment_post_ID' => $post_id, | |
| 'comment_author' => $this->slash_1, | |
| 'comment_content' => $this->slash_7, | |
| )); | |
| $comment = get_comment( $comment_id ); | |
| $this->assertEquals( $this->slash_1, $comment->comment_author ); | |
| $this->assertEquals( $this->slash_7, $comment->comment_content ); | |
| $comment_id = wp_insert_comment(array( | |
| 'comment_post_ID' => $post_id, | |
| 'comment_author' => $this->slash_2, | |
| 'comment_content' => $this->slash_4, | |
| )); | |
| $comment = get_comment( $comment_id ); | |
| $this->assertEquals( $this->slash_2, $comment->comment_author ); | |
| $this->assertEquals( $this->slash_4, $comment->comment_content ); | |
| } | |
| /** | |
| * Tests the model function that expects un-slashed data | |
| * | |
| */ | |
| function test_wp_update_comment() { | |
| $post_id = $this->factory->post->create(); | |
| $comment_id = $this->factory->comment->create(array( | |
| 'comment_post_ID' => $post_id | |
| )); | |
| wp_update_comment(array( | |
| 'comment_ID' => $comment_id, | |
| 'comment_author' => $this->slash_1, | |
| 'comment_content' => $this->slash_7, | |
| )); | |
| $comment = get_comment( $comment_id ); | |
| $this->assertEquals( $this->slash_1, $comment->comment_author ); | |
| $this->assertEquals( $this->slash_7, $comment->comment_content ); | |
| wp_update_comment(array( | |
| 'comment_ID' => $comment_id, | |
| 'comment_author' => $this->slash_2, | |
| 'comment_content' => $this->slash_4, | |
| )); | |
| $comment = get_comment( $comment_id ); | |
| $this->assertEquals( $this->slash_2, $comment->comment_author ); | |
| $this->assertEquals( $this->slash_4, $comment->comment_content ); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment