
Ticket #30883: patch.3.diff

File patch.3.diff, 3.0 KB (added by A5hleyRich, 10 years ago)

Refresh of patch 2 to work with taxonomy slug

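--- a/src/wp-includes/formatting.php
+++ b/src/wp-includes/formatting.php
@@ -1350,14 +1350,16 @@ function sanitize_sql_orderby( $orderby ){
  * @return string The sanitized value
  */
 function sanitize_html_class( $class, $fallback = '' ) {
-        //Strip out any % encoded octets
+        // Strip out any % encoded octets
         $sanitized = preg_replace( '|%[a-fA-F0-9][a-fA-F0-9]|', '', $class );
 
-        //Limit to A-Z,a-z,0-9,_,-
+        // Limit to A-Z, a-z, 0-9, _, -
         $sanitized = preg_replace( '/[^A-Za-z0-9_-]/', '', $sanitized );
 
-        if ( '' == $sanitized )
+        // Check if only numbers, hyphens or underscores left
+        if ( '' == preg_replace( '/[0-9_-]/', '', $sanitized ) ) {
                 $sanitized = $fallback;
+        }
 
         /**
          * Filter a sanitized HTML class string.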
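Review bot: The fallback is still assigned unfiltered at `$sanitized = $fallback;`, and the new digits/hyphens/underscores condition sends far more inputs down that path than the old empty-string test did. Since callers treat the return value as class-safe, the fallback could get the same character filter, e.g. `$sanitized = preg_replace( '/[^A-Za-z0-9_-]/', '', $fallback );`. A recursive call would not work here, because under the new rule it would blank a numeric fallback such as the term ID passed from post-template.php. The docblock should also state that purely numeric or punctuation-only results are now replaced by `$fallback`. The function body continues past the end of this hunk, so any later filtering is not visible here.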
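--- a/src/wp-includes/post-template.php
+++ b/src/wp-includes/post-template.php
@@ -475,7 +475,7 @@ function get_post_class( $class = '', $post_id = null ) {
                                 if ( 'post_tag' == $taxonomy ) {
                                         $classes[] = 'tag-' . sanitize_html_class( $term->slug, $term->term_id );
                                 } else {
-                                        $classes[] = sanitize_html_class( $taxonomy . '-' . $term->slug, $taxonomy . '-' . $term->term_id );
+                                        $classes[] = $taxonomy . '-' . sanitize_html_class( $term->slug, $term->term_id );
                                 }
                         }
                 }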
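Review bot: On the changed `else` line, `$taxonomy` is now concatenated outside `sanitize_html_class()`, so the taxonomy name reaches `$classes[]` without the character filter that the removed line applied to the whole string. Taxonomy names normally come from registering code rather than from visitors, but a name containing spaces or quotes would now pass straight into the class list. Consider `$classes[] = sanitize_html_class( $taxonomy ) . '-' . sanitize_html_class( $term->slug, $term->term_id );`. get_post_class() begins and ends outside this hunk, so whether the array is escaped before output cannot be confirmed from here.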
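--- /dev/null
+++ b/tests/phpunit/tests/formatting/SanitizeHtmlClass.php
@@ -0,0 +1,53 @@
+<?php
+
+/**
+ * @group formatting
+ */
+class Tests_Formatting_SanitizeHtmlClass extends WP_UnitTestCase {
+
+        /**
+         * @covers ::sanitize_html_class
+         */
+        public function test_expected() {
+                $text = 'test';
+                $result = sanitize_html_class( $text );
+                $this->assertEquals( $text, $result );
+        }
+
+        /**
+         * @covers ::sanitize_html_class
+         */
+        public function test_fallback_empty() {
+                $result = sanitize_html_class( '' );
+                $this->assertEquals( '', $result );
+        }
+
+        /**
+         * @covers ::sanitize_html_class
+         */
+        public function test_fallback_with_only_hyphens() {
+                $result = sanitize_html_class( '---' );
+                $this->assertEquals( '', $result );
+        }
+
+        /**
+         * @covers ::sanitize_html_class
+         * @ticket 30883
+         */
+        public function test_fallback_hyphens_after_percent_encoded_octets() {
+                $s1 = sanitize_html_class( '%d0%b2%d1%82%d0%be%d1%80%d0%b0%d1%8f-%d1%80%d1%83%d0%b1%d1%80%d0%b8%d0%ba%d0%b0' );
+                $s2 = sanitize_html_class( '%d0%bf%d0%b5%d1%80%d0%b2%d0%b0%d1%8f-%d1%80%d1%83%d0%b1%d1%80%d0%b8%d0%ba%d0%b0' );
+
+                $this->assertEquals( '', $s1 );
+                $this->assertEquals( '', $s2 );
+        }
+
+        /**
+         * @covers ::sanitize_html_class
+         */
+        public function test_fallback_with_non_letter_characters() {
+                $result = sanitize_html_class( '-_0123456789' );
+                $this->assertEquals( '', $result );
+        }
+
+}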
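Review bot: None of these tests passes a non-empty `$fallback`, which is the path get_post_class() depends on when a slug reduces to hyphens, and none covers a slug where letters survive after the percent-encoded octets are stripped. Adding both cases would pin the behaviour the ticket is about; the sample inputs below are constructed for illustration. The empty-string checks would also be stricter with `assertSame()`, since `assertEquals( '', null )` passes and would hide a `preg_replace()` failure.

```php
	// … unchanged: existing test methods …

	/**
	 * @covers ::sanitize_html_class
	 * @ticket 30883
	 */
	public function test_non_empty_fallback_is_used_when_only_hyphens_remain() {
		$result = sanitize_html_class( '%d0%b2-%d1%80', 'term-12' );
		$this->assertSame( 'term-12', $result );
	}

	/**
	 * @covers ::sanitize_html_class
	 */
	public function test_letters_survive_after_percent_encoded_octets() {
		$result = sanitize_html_class( 'caf%c3%a9-2015' );
		$this->assertSame( 'caf-2015', $result );
	}
```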