WordPress.org

Make WordPress Core

Ticket #18117: 18117.2.diff

File 18117.2.diff, 2.9 KB (added by simonwheatley, 7 years ago)

Patch refreshed, and unit tests from #23865 added

  • src/wp-admin/network/site-info.php

     
    4949        check_admin_referer( 'edit-site' );
    5050
    5151        switch_to_blog( $id );
     52        $blog_data = wp_unslash( $_POST['blog'] );
    5253
     54        // remove forward slashes from front and back of the site domain
     55        $blog_data['domain'] = trim( $blog_data['domain'], '/' );
     56        // ensure one forward slash is present in the front and back of the site path
     57        $blog_data['path']   = trailingslashit( '/' . trim( $blog_data['path'], '/' ) );
     58
    5359        if ( isset( $_POST['update_home_url'] ) && $_POST['update_home_url'] == 'update' ) {
    54                 $blog_address = esc_url_raw( $_POST['blog']['domain'] . $_POST['blog']['path'] );
     60                $blog_address = esc_url_raw( $blog_data['domain'] . $blog_data['path'] );
    5561                if ( get_option( 'siteurl' ) != $blog_address )
    5662                        update_option( 'siteurl', $blog_address );
    5763
     
    6369        delete_option( 'rewrite_rules' );
    6470
    6571        // update blogs table
    66         $blog_data = wp_unslash( $_POST['blog'] );
    6772        $existing_details = get_blog_details( $id, false );
    6873        $blog_data_checkboxes = array( 'public', 'archived', 'spam', 'mature', 'deleted' );
    6974        foreach ( $blog_data_checkboxes as $c ) {
  • tests/phpunit/tests/ms.php

     
    618618        }
    619619
    620620        /**
     621         * Check the path for a sub-directory site is correctly sanitised,
     622         * and has a trailing slash.
     623         *
     624         * @ticket 18117
     625         */
     626        function test_update_blog_sanitises_subdirectory_path() {
     627                global $test_action_counter;
     628
     629                $user_id = $this->factory->user->create( array( 'role' => 'administrator' ) );
     630                $blog_id = $this->factory->blog->create( array( 'user_id' => $user_id, 'path' => '/test_blogpath', 'title' => 'Test Title' ) );
     631                $this->assertInternalType( 'int', $blog_id );
     632
     633                $result = update_blog_details( $blog_id, array('domain' => 'example.com', 'path' => 'my_path') );
     634
     635                $blog = get_blog_details( $blog_id );
     636                $this->assertEquals( '/my_path/', $blog->path );
     637
     638                $result = update_blog_details( $blog_id, array('domain' => 'example.com', 'path' => 'my_path//') );
     639
     640                $blog = get_blog_details( $blog_id );
     641                $this->assertEquals( '/my_path/', $blog->path );
     642
     643                $result = update_blog_details( $blog_id, array('domain' => 'example.com', 'path' => '//my_path') );
     644
     645                $blog = get_blog_details( $blog_id );
     646                $this->assertEquals( '/my_path/', $blog->path );
     647
     648                $result = update_blog_details( $blog_id, array('domain' => 'example.com', 'path' => '/my_path') );
     649
     650                $blog = get_blog_details( $blog_id );
     651                $this->assertEquals( '/my_path/', $blog->path );
     652        }
     653
     654        /**
    621655         * Test fetching a blog that doesn't exist and again after it exists.
    622656         *
    623657         * @ticket 23405