WordPress.org

Make WordPress Core


Ignore:
Timestamp:
04/27/2015 06:34:09 PM (7 years ago)
Author:
mdawaffe
Message:

3.7:

  • WPDB: Sanity check that any strings being stored in the DB are not too long to store correctly.
  • When upgrading, remove any suspicious comments.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/3.7/tests/phpunit/tests/comment.php

    r25002 r32318  
    1515        $this->assertEquals( 0, $result );
    1616    }
     17
     18    public function test_comment_content_length() {
     19        // `wp_new_comment()` checks REMOTE_ADDR, so we fake it to avoid PHP notices.
     20        if ( isset( $_SERVER['REMOTE_ADDR'] ) ) {
     21            $remote_addr = $_SERVER['REMOTE_ADDR'];
     22        } else {
     23            $_SERVER['REMOTE_ADDR'] = '';
     24        }
     25
     26        $post_id = $this->factory->post->create();
     27
     28        $data = array(
     29            'comment_post_ID' => $post_id,
     30            'comment_author' => rand_str(),
     31            'comment_author_url' => '',
     32            'comment_author_email' => '',
     33            'comment_type' => '',
     34            'comment_content' => str_repeat( 'A', 65536 ),
     35            'comment_date' => '2011-01-01 10:00:00',
     36            'comment_date_gmt' => '2011-01-01 10:00:00',
     37        );
     38
     39        $id = wp_new_comment( $data );
     40
     41        $this->assertFalse( $id );
     42
     43        // Cleanup.
     44        if ( isset( $remote_addr ) ) {
     45            $_SERVER['REMOTE_ADDR'] = $remote_addr;
     46        } else {
     47            unset( $_SERVER['REMOTE_ADDR'] );
     48        }
     49    }
    1750}
Note: See TracChangeset for help on using the changeset viewer.