Ticket #37989: 37989.3.diff

src/wp-admin/includes/media.php

@@ -278 +278 @@
                         $time = $post->post_date;
         }
 
-        $name = $_FILES[$file_id]['name'];
         $file = wp_handle_upload($_FILES[$file_id], $overrides, $time);
 
         if ( isset($file['error']) )
                 return new WP_Error( 'upload_error', $file['error'] );
 
-        $basename = pathinfo( $name, PATHINFO_BASENAME );
+        $name = pathinfo( $_FILES[$file_id]['name'], PATHINFO_FILENAME );
 
         $url = $file['url'];
         $type = $file['type'];
         $file = $file['file'];
-        $title = sanitize_title( $basename );
+        $title = sanitize_text_field( $name );
         $content = '';
         $excerpt = '';
 

tests/phpunit/tests/media.php

@@ -773 +773 @@
         }
 
         /**
+         * @ticket 37989
+         */
+        public function test_media_handle_upload_expected_titles() {
+                $test_file = DIR_TESTDATA . '/images/test-image.jpg';
+
+                // Make a copy of this file as it gets moved during the file upload
+                $tmp_name = wp_tempnam( $test_file );
+
+                copy( $test_file, $tmp_name );
+
+                $_FILES['upload'] = array(
+                        'tmp_name' => $tmp_name,
+                        'name'     => 'This is a test.jpg',
+                        'type'     => 'image/jpeg',
+                        'error'    => 0,
+                        'size'     => filesize( $test_file ),
+                );
+
+                $post_id = media_handle_upload( 'upload', 0, array(), array( 'action' => 'test_upload_titles', 'test_form' => false ) );
+
+                unset( $_FILES['upload'] );
+
+                $post = get_post( $post_id );
+
+                // Clean up.
+                wp_delete_attachment( $post_id );
+
+                $this->assertEquals( 'This is a test', $post->post_title );
+        }
+
+        /**
          * @ticket 33016
          */
         function test_multiline_cdata() {