Context Navigation

← Previous Change
Next Change →

user.php

Timestamp:

10/02/2014 06:53:24 PM (10 years ago)

Author:

boonebgorges

Message:

Always sanitize user_nicename in wp_insert_user().

Previously, a 'user_nicename' parameter passed into the function was
unsanitized. This could result in a mismatch between the sanitized nicename
generated automatically at user creation, resulting in broken author archive
permalinks.

Props joemcgill.

Fixes #29696.

File:

: 1 edited

trunk/tests/phpunit/tests/user.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/tests/phpunit/tests/user.php

-                      r29341
+                      r29819
         $this->assertNotContains( 'key', $metas );
+    }
+    /**
+     * @ticket 29696
+     */
+    public function test_wp_insert_user_should_sanitize_user_nicename_parameter() {
+        $user = $this->factory->user->create_and_get();
+        $userdata = $user->to_array();
+        $userdata['user_nicename'] = str_replace( '-', '.', $user->user_nicename );
+        wp_insert_user( $userdata );
+        $updated_user = new WP_User( $user->ID );
+        $this->assertSame( $user->user_nicename, $updated_user->user_nicename );
+    }
+}

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Make WordPress Core

Context Navigation

Changeset 29819 for trunk/tests/phpunit/tests/user.php

Legend:

trunk/tests/phpunit/tests/user.php

Download in other formats: