Ticket #21537: 21537.diff
File 21537.diff, 2.5 KB (added by , 10 years ago) |
---|
-
src/wp-includes/default-filters.php
diff --git src/wp-includes/default-filters.php src/wp-includes/default-filters.php index dc0c8f8..801c8c9 100644
if ( is_admin() ) { 46 46 foreach ( array( 'pre_comment_author_email', 'pre_user_email' ) as $filter ) { 47 47 add_filter( $filter, 'trim' ); 48 48 add_filter( $filter, 'sanitize_email' ); 49 add_filter( $filter, 'wp_ filter_kses' );49 add_filter( $filter, 'wp_kses_email' ); 50 50 } 51 51 52 52 // Email admin display -
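Review bot: Nothing at the swapped line `add_filter( $filter, 'wp_kses_email' );` records that the new callback depends on `sanitize_email` having already run on the same hook. Unlike `wp_filter_kses`, the replacement returns a value with raw ampersands, and the loop also registers it on `pre_comment_author_email`, which presumably carries commenter-supplied input. I would add a comment above the line such as `// Must stay after sanitize_email: wp_kses_email() restores raw '&', so the stored value has to be escaped on output.` The enclosing block starts outside this hunk.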
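--- a/src/wp-includes/kses.php
+++ b/src/wp-includes/kses.php
@@ -1326,6 +1326,20 @@ function wp_filter_kses( $data ) {
 }
 
 /**
+ * Sanitize email with allowed HTML Kses rules.
+ *
+ * Reverts entities that should not be encoded in email addresses.
+ *
+ * @since 4.2.0
+ *
+ * @param string $data Content to filter, expected to not be escaped
+ * @return string Filtered content
+ */
+function wp_kses_email( $data ) {
+return str_replace( '&', '&', wp_filter_kses( $data , current_filter() ) );
+}
+
+/**
  * Sanitize content with allowed HTML Kses rules.
  *
  * @since 2.9.0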
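Review bot: The docblock of `wp_kses_email()` still calls the result "Filtered content", although the function undoes the ampersand encoding that kses applied, so a caller may treat the return value as safe to print into HTML. I would add a line to the docblock such as `The returned address is not HTML-escaped; pass it through esc_html() or esc_attr() when printing it.` The call also passes `current_filter()` as a second argument, while the signature shown in the hunk header is `wp_filter_kses( $data )`, so that argument appears to be ignored and `wp_filter_kses( $data )` would be clearer. As rendered on this page both `str_replace` arguments read `'&'`; presumably the first was an encoded entity that the page decoded, which is worth confirming against the raw attachment.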
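--- a/tests/phpunit/tests/user.php
+++ b/tests/phpunit/tests/user.php
@@ -617,6 +617,38 @@ class Tests_User extends WP_UnitTestCase {
 $metas = array_keys( get_user_meta( 1 ) );
 $this->assertNotContains( 'key', $metas );
 }
+
+/**
+ * @ticket 21537
+ */
+function test_user_should_not_sanitize_ampersands() {
+$random_string = rand_str();
+$raw_user_email = 'taco&chalupa@burrito.com';
+
+// Test filter
+$user_email = apply_filters( 'pre_user_email', $raw_user_email );
+$this->assertSame( $raw_user_email, $user_email );
+
+// Test insert user
+$id1 = wp_insert_user( array(
+'user_login' => $random_string,
+'user_pass' => 'password',
+'user_email' => $raw_user_email,
+) );
+$this->assertEquals( $id1, email_exists( $raw_user_email ) );
+$this->assertEquals( $id1, get_user_by( 'email', $raw_user_email )->ID );
+
+// Test create comment
+$post_id = $this->factory->post->create();
+$comment_id = wp_insert_comment(array(
+'comment_post_ID' => $post_id,
+'comment_author' => $random_string,
+'comment_content' => $random_string,
+'comment_author_email' => $raw_user_email,
+));
+$comment = get_comment( $comment_id );
+$this->assertSame( $raw_user_email, $comment->comment_author_email );
+}
 
 /**
  * @ticket 29696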
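Review bot: `test_user_should_not_sanitize_ampersands()` pins only the relaxed behaviour, that a raw `&` survives, and never checks that the hook still sanitises anything, so a later change that dropped filtering from `pre_user_email` altogether would still pass. I would add one assertion that runs a constructed value containing markup through `apply_filters( 'pre_user_email', ... )` and asserts it does not come back unchanged. `$id1` is also compared without a failure check; `$this->assertFalse( is_wp_error( $id1 ) );` directly after `wp_insert_user()` would make a rejected insert fail at the point of the problem. The class body continues outside this hunk.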