WordPress.org

Make WordPress Core


Ignore:
Timestamp:
09/14/2013 06:35:43 PM (8 years ago)
Author:
wonderboymusic
Message:

Fix several esoteric errors related to AJAX unit tests for comments:

  • wp_ajax_get_comments() relies on the $post_id global - even though $_POST['p'] is passed to every action in the test methods. If $post_id is still lingering in between tests and doesn't match p in the request, the cap check might pass while the queries for comments will blow up. I added unset( $GLOBALS['post_id'] ) to Tests_Ajax_GetComments::setUp().
  • If the global $post_id is empty, but $_REQUEST['p'] is not, $post_id is now set to absint( $_REQUEST['p'] ) and sanity-checked in wp_ajax_get_comments().
  • map_meta_cap() always assumes that get_comment() succeeds when checking for the edit_comment cap. It doesn't. I added sanity checks in a few places where it will break early if get_post() or get_comment() are empty.
  • wp_update_comment() always assumes get_comment() succeeds. It doesn't. I added a check for empty.

All AJAX unit tests run and pass in debug mode. All general unit tests pass against these changes.

Fixes #25282.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/capabilities.php

    r25329 r25438  
    10671067    case 'edit_page':
    10681068        $post = get_post( $args[0] );
     1069        if ( empty( $post ) )
     1070            break;
    10691071
    10701072        if ( 'revision' == $post->post_type ) {
     
    11711173    case 'edit_comment':
    11721174        $comment = get_comment( $args[0] );
     1175        if ( empty( $comment ) )
     1176            break;
    11731177        $post = get_post( $comment->comment_post_ID );
    11741178        $caps = map_meta_cap( 'edit_post', $user_id, $post->ID );
Note: See TracChangeset for help on using the changeset viewer.