Ticket #33134: 33134.patch
File 33134.patch, 2.9 KB (added by , 8 years ago) |
---|
-
src/wp-includes/shortcodes.php
421 421 preg_match('%[a-zA-Z0-9]+%', $front, $matches); 422 422 $elname = $matches[0]; 423 423 424 // Do pre-check to see if any unfiltered_html type attributes. 425 foreach ( $attributes as &$attr ) { 426 $double = strpos( $attr, '"' ); 427 $single = strpos( $attr, "'" ); 428 if ( false === $double && false === $single ) { 429 continue 2; // Go to next element. 430 } 431 $open = strpos( $attr, '[' ); 432 $close = strpos( $attr, ']' ); 433 if ( false === $open || false === $close ) { 434 continue; // Go to next attribute. 435 } 436 if ( ( false === $single || $open < $single ) && ( false === $double || $open < $double ) ) { 437 continue 2; // Go to next element. 438 } 439 } 440 424 441 // Look for shortcodes in each attribute separately. 425 442 foreach ( $attributes as &$attr ) { 426 443 $open = strpos( $attr, '[' ); -
tests/phpunit/tests/shortcode.php
4 4 */ 5 5 class Tests_Shortcode extends WP_UnitTestCase { 6 6 7 protected $shortcodes = array( 'test-shortcode-tag', 'footag', 'bartag', 'baztag', 'dumptag', 'hyphen', 'hyphen-foo', 'hyphen-foo-bar', 'url', 'img' );7 protected $shortcodes = array( 'test-shortcode-tag', 'footag', 'bartag', 'baztag', 'dumptag', 'hyphen', 'hyphen-foo', 'hyphen-foo-bar', 'url', 'img', 'state_inc', 'state_val' ); 8 8 9 9 function setUp() { 10 10 parent::setUp(); … … 88 88 return $out; 89 89 } 90 90 91 protected $state = 0; 92 93 function _shortcode_state_inc( $atts, $content ) { 94 $this->state++; 95 return do_shortcode( $content ); 96 } 97 98 function _shortcode_state_val( $atts, $content ) { 99 return $this->state; 100 } 101 91 102 function test_noatts() { 92 103 do_shortcode('[test-shortcode-tag /]'); 93 104 $this->assertEquals( '', $this->atts ); … … 840 851 ); 841 852 return wp_json_encode( $arr ); 842 853 } 854 855 /** 856 * @ticket 33134 857 */ 858 function test_nested_left_to_right() { 859 // Now treated as unfiltered. 860 $content = '<a [state_val]>[state_val]</a>'; 861 $this->assertEquals( '<a 0>0</a>', do_shortcode( $content ) ); 862 $content = '[state_inc]<a [state_val]>[state_val]</a>[/state_inc]'; 863 $this->assertEquals( '<a 1>1</a>', do_shortcode( $content ) ); 864 // Quoted attributes with dummy workaround (indicates unfiltered_html). 865 $content = '[state_inc]<a dummy href="[state_val]">[state_val]</a>[/state_inc]'; 866 $this->assertEquals( '<a dummy href="2">2</a>', do_shortcode( $content ) ); 867 // Quoted attributes without workaround leading to current filtered behaviour. 868 $content = '[state_inc]<a href="[state_val]">[state_val]</a>[/state_inc]'; 869 $this->assertEquals( '<a href="2">3</a>', do_shortcode( $content ) ); // Note this should have href="3". 870 } 843 871 }