Ticket #36170: 36170.diff
| File 36170.diff, 1.4 KB (added by , 10 years ago) |
|---|
-
src/wp-includes/functions.php
4000 4000 * @param array $allowed_files List of allowed files. 4001 4001 * @return int 0 means nothing is wrong, greater than 0 means something was wrong. 4002 4002 */ 4003 function validate_file( $file, $allowed_files = '') {4003 function validate_file( $file, $allowed_files = array() ) { 4004 4004 if ( false !== strpos( $file, '..' ) ) 4005 4005 return 1; 4006 4006 -
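Review bot: The docblock above `validate_file()` is left behind by the signature change: `@param array $allowed_files` does not say the argument is optional or what it defaults to, and `@return` does not name the individual codes that the tests added in this patch pin (1, 2 and 3). Assuming the `array()` default is the new side (the page lost its +/- markers), I would write `@param array $allowed_files Optional. List of allowed files. Default empty array.` and list the codes under `@return`, taking their meanings from the function body, which continues outside this hunk. Because this function is the path-traversal guard for its callers, it is also worth confirming there that a legacy non-array value such as `''`, which the new tests still pass, is handled the same as an empty array.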
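--- a/tests/phpunit/tests/functions.php
+++ b/tests/phpunit/tests/functions.php
@@ -150,6 +150,27 @@
 );
 }
 
+/**
+* @dataProvider file_path_provider
+*/
+function test_validate_file($result, $allowed_files, $expected)
+{
+$this->assertEquals($expected, validate_file($result, $allowed_files));
+}
+
+function file_path_provider() {
+return array(
+array('../foo/foo.txt', '', 1),
+array('../foo.txt', '', 1),
+array('../foo.bar', '', 1),
+array('foo/bar/foo.txt', '', 0),
+array('FOO/foo.txt', '', 0),
+array('C:/WINDOWS/system32', '', 2),
+array('./FOO/foo.txt', '', 1),
+array('/FOO/notallowed.txt', array('/FOO/allowed.txt'), 3)
+);
+}
+
 function test_wp_unique_filename() {
 
 $testdir = DIR_TESTDATA . '/images/';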
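Review bot: The rows in `file_path_provider()` never exercise the new default or a successful allow-list match: seven of the eight pass `''` for `$allowed_files`, and the only row with an allow-list expects a rejection (3). I would add `array( 'foo/bar/foo.txt', array(), 0 ),` and `array( '/FOO/allowed.txt', array( '/FOO/allowed.txt' ), 0 ),` (expected values to be confirmed against the function body, which is not part of this patch), plus `array( '../foo.txt', array( '../foo.txt' ), 1 ),` so that a traversal path stays rejected even when it appears on the allow-list. `assertSame` instead of `assertEquals` would pin the integer return codes strictly, and the first parameter of `test_validate_file()` reads better as `$file` than `$result`.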