Changeset 32390
- Timestamp:
- 05/06/2015 07:14:38 PM (10 years ago)
- Location:
- branches/3.8
- Files:
-
- 8 edited
-
src/wp-admin/includes/upgrade.php (modified) (2 diffs)
-
src/wp-includes/compat.php (modified) (1 diff)
-
src/wp-includes/version.php (modified) (1 diff)
-
src/wp-includes/wp-db.php (modified) (19 diffs)
-
tests/phpunit/tests/comment.php (modified) (2 diffs)
-
tests/phpunit/tests/compat.php (modified) (2 diffs)
-
tests/phpunit/tests/db.php (modified) (1 diff)
-
tests/phpunit/tests/db/charset.php (modified) (14 diffs)
Legend:
- Unmodified
- Added
- Removed
-
branches/3.8/src/wp-admin/includes/upgrade.php
r32317 r32390 415 415 upgrade_383(); 416 416 417 if ( $wp_current_db_version < 2669 3)418 upgrade_38 8();417 if ( $wp_current_db_version < 26694 ) 418 upgrade_389(); 419 419 420 420 maybe_disable_link_manager(); … … 1294 1294 */ 1295 1295 function upgrade_388() { 1296 } 1297 1298 /** 1299 * Execute changes made in WordPress 3.8.9. 1300 * 1301 * @since 3.8.9 1302 */ 1303 function upgrade_389() { 1296 1304 global $wp_current_db_version, $wpdb; 1297 1305 1298 if ( $wp_current_db_version < 2669 3) {1306 if ( $wp_current_db_version < 26694 ) { 1299 1307 $content_length = $wpdb->get_col_length( $wpdb->comments, 'comment_content' ); 1300 if ( ! $content_length ) { 1301 $content_length = 65535; 1302 } 1308 if ( false === $content_length ) { 1309 $content_length = array( 1310 'type' => 'byte', 1311 'length' => 65535, 1312 ); 1313 } elseif ( ! is_array( $content_length ) ) { 1314 $length = (int) $content_length > 0 ? (int) $content_length : 65535; 1315 $content_length = array( 1316 'type' => 'byte', 1317 'length' => $length 1318 ); 1319 } 1320 1321 if ( 'byte' !== $content_length['type'] ) { 1322 // Sites with malformed DB schemas are on their own. 1323 return; 1324 } 1325 1326 $allowed_length = intval( $content_length['length'] ) - 10; 1303 1327 1304 1328 $comments = $wpdb->get_results( 1305 "SELECT comment_ID FROM $wpdb->comments1306 WHERE comment_date_gmt> '2015-04-26'1307 AND CHAR_LENGTH( comment_content ) >= $content_length1308 AND ( comment_content LIKE '%<%' OR comment_contentLIKE '%>%' )"1329 "SELECT `comment_ID` FROM `{$wpdb->comments}` 1330 WHERE `comment_date_gmt` > '2015-04-26' 1331 AND LENGTH( `comment_content` ) >= {$allowed_length} 1332 AND ( `comment_content` LIKE '%<%' OR `comment_content` LIKE '%>%' )" 1309 1333 ); 1310 1334 -
branches/3.8/src/wp-includes/compat.php
r29386 r32390 14 14 } 15 15 16 if ( !function_exists('mb_substr') ): 17 function mb_substr( $str, $start, $length=null, $encoding=null ) { 18 return _mb_substr($str, $start, $length, $encoding); 19 } 20 endif; 21 22 function _mb_substr( $str, $start, $length=null, $encoding=null ) { 23 // the solution below, works only for utf-8, so in case of a different 24 // charset, just use built-in substr 25 $charset = get_option( 'blog_charset' ); 26 if ( !in_array( $charset, array('utf8', 'utf-8', 'UTF8', 'UTF-8') ) ) { 27 return is_null( $length )? substr( $str, $start ) : substr( $str, $start, $length); 28 } 29 // use the regex unicode support to separate the UTF-8 characters into an array 30 preg_match_all( '/./us', $str, $match ); 31 $chars = is_null( $length )? array_slice( $match[0], $start ) : array_slice( $match[0], $start, $length ); 32 return implode( '', $chars ); 16 /** 17 * Returns whether PCRE/u (PCRE_UTF8 modifier) is available for use. 18 * 19 * @ignore 20 * @since 4.2.2 21 * @access private 22 * 23 * @param bool $set - Used for testing only 24 * null : default - get PCRE/u capability 25 * false : Used for testing - return false for future calls to this function 26 * 'reset': Used for testing - restore default behavior of this function 27 */ 28 function _wp_can_use_pcre_u( $set = null ) { 29 static $utf8_pcre = 'reset'; 30 31 if ( null !== $set ) { 32 $utf8_pcre = $set; 33 } 34 35 if ( 'reset' === $utf8_pcre ) { 36 $utf8_pcre = @preg_match( '/^./u', 'a' ); 37 } 38 39 return $utf8_pcre; 40 } 41 42 if ( ! function_exists( 'mb_substr' ) ) : 43 function mb_substr( $str, $start, $length = null, $encoding = null ) { 44 return _mb_substr( $str, $start, $length, $encoding ); 45 } 46 endif; 47 48 /* 49 * Only understands UTF-8 and 8bit. All other character sets will be treated as 8bit. 50 * For $encoding === UTF-8, the $str input is expected to be a valid UTF-8 byte sequence. 51 * The behavior of this function for invalid inputs is undefined. 52 */ 53 function _mb_substr( $str, $start, $length = null, $encoding = null ) { 54 if ( null === $encoding ) { 55 $encoding = get_option( 'blog_charset' ); 56 } 57 58 // The solution below works only for UTF-8, 59 // so in case of a different charset just use built-in substr() 60 if ( ! in_array( $encoding, array( 'utf8', 'utf-8', 'UTF8', 'UTF-8' ) ) ) { 61 return is_null( $length ) ? substr( $str, $start ) : substr( $str, $start, $length ); 62 } 63 64 if ( _wp_can_use_pcre_u() ) { 65 // Use the regex unicode support to separate the UTF-8 characters into an array 66 preg_match_all( '/./us', $str, $match ); 67 $chars = is_null( $length ) ? array_slice( $match[0], $start ) : array_slice( $match[0], $start, $length ); 68 return implode( '', $chars ); 69 } 70 71 $regex = '/( 72 [\x00-\x7F] # single-byte sequences 0xxxxxxx 73 | [\xC2-\xDF][\x80-\xBF] # double-byte sequences 110xxxxx 10xxxxxx 74 | \xE0[\xA0-\xBF][\x80-\xBF] # triple-byte sequences 1110xxxx 10xxxxxx * 2 75 | [\xE1-\xEC][\x80-\xBF]{2} 76 | \xED[\x80-\x9F][\x80-\xBF] 77 | [\xEE-\xEF][\x80-\xBF]{2} 78 | \xF0[\x90-\xBF][\x80-\xBF]{2} # four-byte sequences 11110xxx 10xxxxxx * 3 79 | [\xF1-\xF3][\x80-\xBF]{3} 80 | \xF4[\x80-\x8F][\x80-\xBF]{2} 81 )/x'; 82 83 $chars = array( '' ); // Start with 1 element instead of 0 since the first thing we do is pop 84 do { 85 // We had some string left over from the last round, but we counted it in that last round. 86 array_pop( $chars ); 87 88 // Split by UTF-8 character, limit to 1000 characters (last array element will contain the rest of the string) 89 $pieces = preg_split( $regex, $str, 1000, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY ); 90 91 $chars = array_merge( $chars, $pieces ); 92 } while ( count( $pieces ) > 1 && $str = array_pop( $pieces ) ); // If there's anything left over, repeat the loop. 93 94 return join( '', array_slice( $chars, $start, $length ) ); 95 } 96 97 if ( ! function_exists( 'mb_strlen' ) ) : 98 function mb_strlen( $str, $encoding = null ) { 99 return _mb_strlen( $str, $encoding ); 100 } 101 endif; 102 103 /* 104 * Only understands UTF-8 and 8bit. All other character sets will be treated as 8bit. 105 * For $encoding === UTF-8, the $str input is expected to be a valid UTF-8 byte sequence. 106 * The behavior of this function for invalid inputs is undefined. 107 */ 108 function _mb_strlen( $str, $encoding = null ) { 109 if ( null === $encoding ) { 110 $encoding = get_option( 'blog_charset' ); 111 } 112 113 // The solution below works only for UTF-8, 114 // so in case of a different charset just use built-in strlen() 115 if ( ! in_array( $encoding, array( 'utf8', 'utf-8', 'UTF8', 'UTF-8' ) ) ) { 116 return strlen( $str ); 117 } 118 119 if ( _wp_can_use_pcre_u() ) { 120 // Use the regex unicode support to separate the UTF-8 characters into an array 121 preg_match_all( '/./us', $str, $match ); 122 return count( $match[0] ); 123 } 124 125 $regex = '/(?: 126 [\x00-\x7F] # single-byte sequences 0xxxxxxx 127 | [\xC2-\xDF][\x80-\xBF] # double-byte sequences 110xxxxx 10xxxxxx 128 | \xE0[\xA0-\xBF][\x80-\xBF] # triple-byte sequences 1110xxxx 10xxxxxx * 2 129 | [\xE1-\xEC][\x80-\xBF]{2} 130 | \xED[\x80-\x9F][\x80-\xBF] 131 | [\xEE-\xEF][\x80-\xBF]{2} 132 | \xF0[\x90-\xBF][\x80-\xBF]{2} # four-byte sequences 11110xxx 10xxxxxx * 3 133 | [\xF1-\xF3][\x80-\xBF]{3} 134 | \xF4[\x80-\x8F][\x80-\xBF]{2} 135 )/x'; 136 137 $count = 1; // Start at 1 instead of 0 since the first thing we do is decrement 138 do { 139 // We had some string left over from the last round, but we counted it in that last round. 140 $count--; 141 142 // Split by UTF-8 character, limit to 1000 characters (last array element will contain the rest of the string) 143 $pieces = preg_split( $regex, $str, 1000 ); 144 145 // Increment 146 $count += count( $pieces ); 147 } while ( $str = array_pop( $pieces ) ); // If there's anything left over, repeat the loop. 148 149 // Fencepost: preg_split() always returns one extra item in the array 150 return --$count; 33 151 } 34 152 -
branches/3.8/src/wp-includes/version.php
r32317 r32390 12 12 * @global int $wp_db_version 13 13 */ 14 $wp_db_version = 2669 3;14 $wp_db_version = 26694; 15 15 16 16 /** -
branches/3.8/src/wp-includes/wp-db.php
r32317 r32390 1380 1380 */ 1381 1381 function _insert_replace_helper( $table, $data, $format = null, $type = 'INSERT' ) { 1382 $this->insert_id = 0; 1383 1382 1384 if ( ! in_array( strtoupper( $type ), array( 'REPLACE', 'INSERT' ) ) ) { 1383 1385 return false; … … 1400 1402 $sql = "$type INTO `$table` ($fields) VALUES ($formats)"; 1401 1403 1402 $this->insert_id = 0;1403 1404 $this->check_current_query = false; 1404 1405 return $this->query( $this->prepare( $sql, $values ) ); … … 1597 1598 // This checks %d/%f versus ! %s because it's sprintf() could take more. 1598 1599 $value['charset'] = false; 1599 } elseif ( $this->check_ascii( $value['value'] ) ) {1600 // If it's ASCII, then we don't need the charset. We can skip this field.1601 $value['charset'] = false;1602 1600 } else { 1603 1601 $value['charset'] = $this->get_col_charset( $table, $field ); … … 1605 1603 return false; 1606 1604 } 1607 1608 // This isn't ASCII. Don't have strip_invalid_text() re-check.1609 $value['ascii'] = false;1610 1605 } 1611 1606 … … 1638 1633 return false; 1639 1634 } 1640 }1641 1642 if ( false !== $value['length'] && strlen( $value['value'] ) > $value['length'] ) {1643 return false;1644 1635 } 1645 1636 … … 1967 1958 /** 1968 1959 * Retrieve the maximum string length allowed in a given column. 1960 * The length may either be specified as a byte length or a character length. 1969 1961 * 1970 1962 * @since 4.2.1 … … 1973 1965 * @param string $table Table name. 1974 1966 * @param string $column Column name. 1975 * @return mixed Max column length as an int. False if the column has no 1976 * length. WP_Error object if there was an error. 1967 * @return mixed array( 'length' => (int), 'type' => 'byte' | 'char' ) 1968 * false if the column has no length (for example, numeric column) 1969 * WP_Error object if there was an error. 1977 1970 */ 1978 1971 public function get_col_length( $table, $column ) { … … 2007 2000 2008 2001 switch( $type ) { 2002 case 'char': 2003 case 'varchar': 2004 return array( 2005 'type' => 'char', 2006 'length' => (int) $length, 2007 ); 2008 break; 2009 2009 case 'binary': 2010 case 'char':2011 2010 case 'varbinary': 2012 case 'varchar': 2013 return $length; 2011 return array( 2012 'type' => 'byte', 2013 'length' => (int) $length, 2014 ); 2014 2015 break; 2015 2016 case 'tinyblob': 2016 2017 case 'tinytext': 2017 return 255; // 2^8 - 1 2018 return array( 2019 'type' => 'byte', 2020 'length' => 255, // 2^8 - 1 2021 ); 2018 2022 break; 2019 2023 case 'blob': 2020 2024 case 'text': 2021 return 65535; // 2^16 - 1 2025 return array( 2026 'type' => 'byte', 2027 'length' => 65535, // 2^16 - 1 2028 ); 2022 2029 break; 2023 2030 case 'mediumblob': 2024 2031 case 'mediumtext': 2025 return 16777215; // 2^24 - 1 2032 return array( 2033 'type' => 'byte', 2034 'length' => 16777215, // 2^24 - 1 2035 ); 2026 2036 break; 2027 2037 case 'longblob': 2028 2038 case 'longtext': 2029 return 4294967295; // 2^32 - 1 2039 return array( 2040 'type' => 'byte', 2041 'length' => 4294967295, // 2^32 - 1 2042 ); 2030 2043 break; 2031 2044 default: … … 2134 2147 // If any of the columns don't have one of these collations, it needs more sanity checking. 2135 2148 protected function strip_invalid_text( $data ) { 2136 // Some multibyte character sets that we can check in PHP.2137 $mb_charsets = array(2138 'ascii' => 'ASCII',2139 'big5' => 'BIG-5',2140 'eucjpms' => 'eucJP-win',2141 'gb2312' => 'EUC-CN',2142 'ujis' => 'EUC-JP',2143 'utf32' => 'UTF-32',2144 );2145 2146 $supported_charsets = array();2147 if ( function_exists( 'mb_list_encodings' ) ) {2148 $supported_charsets = mb_list_encodings();2149 }2150 2151 2149 $db_check_string = false; 2152 2150 … … 2154 2152 $charset = $value['charset']; 2155 2153 2156 // Column isn't a string, or is latin1, which will will happily store anything. 2157 if ( false === $charset || 'latin1' === $charset ) { 2154 if ( is_array( $value['length'] ) ) { 2155 $length = $value['length']['length']; 2156 } else { 2157 $length = false; 2158 } 2159 2160 // There's no charset to work with. 2161 if ( false === $charset ) { 2158 2162 continue; 2159 2163 } 2160 2164 2165 // Column isn't a string. 2161 2166 if ( ! is_string( $value['value'] ) ) { 2162 2167 continue; 2163 2168 } 2164 2169 2165 // ASCII is always OK. 2166 if ( ! isset( $value['ascii'] ) && $this->check_ascii( $value['value'] ) ) { 2167 continue; 2168 } 2169 2170 // Convert the text locally. 2171 if ( $supported_charsets ) { 2172 if ( isset( $mb_charsets[ $charset ] ) && in_array( $mb_charsets[ $charset ], $supported_charsets ) ) { 2173 $value['value'] = mb_convert_encoding( $value['value'], $mb_charsets[ $charset ], $mb_charsets[ $charset ] ); 2170 $truncate_by_byte_length = 'byte' === $value['length']['type']; 2171 2172 $needs_validation = true; 2173 if ( 2174 // latin1 can store any byte sequence 2175 'latin1' === $charset 2176 || 2177 // ASCII is always OK. 2178 ( ! isset( $value['ascii'] ) && $this->check_ascii( $value['value'] ) ) 2179 ) { 2180 $truncate_by_byte_length = true; 2181 $needs_validation = false; 2182 } 2183 2184 if ( $truncate_by_byte_length ) { 2185 mbstring_binary_safe_encoding(); 2186 if ( false !== $length && strlen( $value['value'] ) > $length ) { 2187 $value['value'] = substr( $value['value'], 0, $length ); 2188 } 2189 reset_mbstring_encoding(); 2190 2191 if ( ! $needs_validation ) { 2174 2192 continue; 2175 2193 } … … 2177 2195 2178 2196 // utf8 can be handled by regex, which is a bunch faster than a DB lookup. 2179 if ( 'utf8' === $charset || 'utf8mb3' === $charset || 'utf8mb4' === $charset) {2197 if ( ( 'utf8' === $charset || 'utf8mb3' === $charset || 'utf8mb4' === $charset ) && function_exists( 'mb_strlen' ) ) { 2180 2198 $regex = '/ 2181 2199 ( … … 2187 2205 | [\xEE-\xEF][\x80-\xBF]{2}'; 2188 2206 2189 if ( 'utf8mb4' === $charset ) {2207 if ( 'utf8mb4' === $charset ) { 2190 2208 $regex .= ' 2191 2209 | \xF0[\x90-\xBF][\x80-\xBF]{2} # four-byte sequences 11110xxx 10xxxxxx * 3 … … 2200 2218 /x'; 2201 2219 $value['value'] = preg_replace( $regex, '$1', $value['value'] ); 2220 2221 2222 if ( false !== $length && mb_strlen( $value['value'], 'UTF-8' ) > $length ) { 2223 $value['value'] = mb_substr( $value['value'], 0, $length, 'UTF-8' ); 2224 } 2202 2225 continue; 2203 2226 } … … 2216 2239 } 2217 2240 2218 // Split the CONVERT() calls by charset, so we can make sure the connection is right 2219 $queries[ $value['charset'] ][ $col ] = $this->prepare( "CONVERT( %s USING {$value['charset']} )", $value['value'] ); 2241 // We're going to need to truncate by characters or bytes, depending on the length value we have. 2242 if ( 'byte' === $value['length']['type'] ) { 2243 // Split the CONVERT() calls by charset, so we can make sure the connection is right 2244 $queries[ $value['charset'] ][ $col ] = $this->prepare( "CONVERT( LEFT( CONVERT( %s USING binary ), %d ) USING {$value['charset']} )", $value['value'], $value['length']['length'] ); 2245 } else { 2246 $queries[ $value['charset'] ][ $col ] = $this->prepare( "LEFT( CONVERT( %s USING {$value['charset']} ), %d )", $value['value'], $value['length']['length'] ); 2247 } 2248 2220 2249 unset( $data[ $col ]['db'] ); 2221 2250 } … … 2236 2265 $this->check_current_query = false; 2237 2266 2238 $row = $this->get_row( "SELECT " . implode( ', ', $query ), ARRAY_N ); 2267 $sql = array(); 2268 foreach ( $query as $column => $column_query ) { 2269 $sql[] = $column_query . " AS x_$column"; 2270 } 2271 2272 $row = $this->get_row( "SELECT " . implode( ', ', $sql ), ARRAY_A ); 2239 2273 if ( ! $row ) { 2240 2274 $this->set_charset( $this->dbh, $connection_charset ); … … 2242 2276 } 2243 2277 2244 $cols = array_keys( $query ); 2245 $col_count = count( $cols ); 2246 for ( $ii = 0; $ii < $col_count; $ii++ ) { 2247 $data[ $cols[ $ii ] ]['value'] = $row[ $ii ]; 2278 foreach ( array_keys( $query ) as $column ) { 2279 $data[ $column ]['value'] = $row["x_$column"]; 2248 2280 } 2249 2281 } … … 2287 2319 'charset' => $charset, 2288 2320 'ascii' => false, 2321 'length' => false, 2289 2322 ); 2290 2323 … … 2309 2342 */ 2310 2343 public function strip_invalid_text_for_column( $table, $column, $value ) { 2311 if ( ! is_string( $value ) || $this->check_ascii( $value )) {2344 if ( ! is_string( $value ) ) { 2312 2345 return $value; 2313 2346 } … … 2326 2359 'value' => $value, 2327 2360 'charset' => $charset, 2328 ' ascii' => false,2361 'length' => $this->get_col_length( $table, $column ), 2329 2362 ) 2330 2363 ); -
branches/3.8/tests/phpunit/tests/comment.php
r32317 r32390 24 24 } 25 25 26 $post_id = $this->factory->post->create(); 26 $u = $this->factory->user->create(); 27 $post_id = $this->factory->post->create( array( 'post_author' => $u ) ); 27 28 28 29 $data = array( … … 37 38 ); 38 39 40 add_filter( 'pre_option_moderation_notify', '__return_zero' ); 39 41 $id = wp_new_comment( $data ); 42 remove_filter( 'pre_option_moderation_notify', '__return_zero' ); 40 43 41 $this->assert False( $id );44 $this->assertEmpty( $id ); 42 45 43 46 // Cleanup. -
branches/3.8/tests/phpunit/tests/compat.php
r25002 r32390 3 3 /** 4 4 * @group compat 5 * @group security-153 5 6 */ 6 7 class Tests_Compat extends WP_UnitTestCase { 7 function test_mb_substr() { 8 $this->assertEquals('баб', _mb_substr('баба', 0, 3)); 9 $this->assertEquals('баб', _mb_substr('баба', 0, -1)); 10 $this->assertEquals('баб', _mb_substr('баба', 0, -1)); 11 $this->assertEquals('I am your б', _mb_substr('I am your баба', 0, 11)); 8 function utf8_string_lengths() { 9 return array( 10 // string, character_length, byte_length 11 array( 'баба', 4, 8 ), 12 array( 'баб', 3, 6 ), 13 array( 'I am your б', 11, 12 ), 14 array( '1111111111', 10, 10 ), 15 array( '²²²²²²²²²²', 10, 20 ), 16 array( '3333333333', 10, 30 ), 17 array( '𝟜𝟜𝟜𝟜𝟜𝟜𝟜𝟜𝟜𝟜', 10, 40 ), 18 array( '1²3𝟜1²3𝟜1²3𝟜', 12, 30 ), 19 ); 20 } 21 22 function utf8_substrings() { 23 return array( 24 // string, start, length, character_substring, byte_substring 25 array( 'баба', 0, 3, 'баб', "б\xD0" ), 26 array( 'баба', 0, -1, 'баб', "баб\xD0" ), 27 array( 'баба', 1, null, 'аба', "\xB1аба" ), 28 array( 'баба', -3, null, 'аба', "\xB1а" ), 29 array( 'баба', -3, 2, 'аб', "\xB1\xD0" ), 30 array( 'баба', -1, 2, 'а', "\xB0" ), 31 array( 'I am your баба', 0, 11, 'I am your б', "I am your \xD0" ), 32 ); 33 } 34 35 /** 36 * @dataProvider utf8_string_lengths 37 */ 38 function test_mb_strlen( $string, $expected_character_length ) { 39 $this->assertEquals( $expected_character_length, _mb_strlen( $string, 'UTF-8' ) ); 40 } 41 42 /** 43 * @dataProvider utf8_string_lengths 44 */ 45 function test_mb_strlen_via_regex( $string, $expected_character_length ) { 46 _wp_can_use_pcre_u( false ); 47 $this->assertEquals( $expected_character_length, _mb_strlen( $string, 'UTF-8' ) ); 48 _wp_can_use_pcre_u( 'reset' ); 49 } 50 51 /** 52 * @dataProvider utf8_string_lengths 53 */ 54 function test_8bit_mb_strlen( $string, $expected_character_length, $expected_byte_length ) { 55 $this->assertEquals( $expected_byte_length, _mb_strlen( $string, '8bit' ) ); 56 } 57 58 /** 59 * @dataProvider utf8_substrings 60 */ 61 function test_mb_substr( $string, $start, $length, $expected_character_substring ) { 62 $this->assertEquals( $expected_character_substring, _mb_substr( $string, $start, $length, 'UTF-8' ) ); 63 } 64 65 /** 66 * @dataProvider utf8_substrings 67 */ 68 function test_mb_substr_via_regex( $string, $start, $length, $expected_character_substring ) { 69 _wp_can_use_pcre_u( false ); 70 $this->assertEquals( $expected_character_substring, _mb_substr( $string, $start, $length, 'UTF-8' ) ); 71 _wp_can_use_pcre_u( 'reset' ); 72 } 73 74 /** 75 * @dataProvider utf8_substrings 76 */ 77 function test_8bit_mb_substr( $string, $start, $length, $expected_character_substring, $expected_byte_substring ) { 78 $this->assertEquals( $expected_byte_substring, _mb_substr( $string, $start, $length, '8bit' ) ); 79 } 80 81 function test_mb_substr_phpcore(){ 82 /* https://github.com/php/php-src/blob/php-5.6.8/ext/mbstring/tests/mb_substr_basic.phpt */ 83 $string_ascii = 'ABCDEF'; 84 $string_mb = base64_decode('5pel5pys6Kqe44OG44Kt44K544OI44Gn44GZ44CCMDEyMzTvvJXvvJbvvJfvvJjvvJnjgII='); 85 86 $this->assertEquals( 'DEF', _mb_substr($string_ascii, 3) ); 87 $this->assertEquals( 'DEF', _mb_substr($string_ascii, 3, 5, 'ISO-8859-1') ); 88 89 // specific latin-1 as that is the default the core php test opporates under 90 $this->assertEquals( 'peacrOiqng==' , base64_encode( _mb_substr($string_mb, 2, 7, 'latin-1' ) ) ); 91 $this->assertEquals( '6Kqe44OG44Kt44K544OI44Gn44GZ', base64_encode( _mb_substr($string_mb, 2, 7, 'utf-8') ) ); 92 93 /* https://github.com/php/php-src/blob/php-5.6.8/ext/mbstring/tests/mb_substr_variation1.phpt */ 94 $start = 0; 95 $length = 5; 96 $unset_var = 10; 97 unset ($unset_var); 98 $heredoc = <<<EOT 99 hello world 100 EOT; 101 $inputs = array( 102 /*1*/ 0, 103 1, 104 12345, 105 -2345, 106 // float data 107 /*5*/ 10.5, 108 -10.5, 109 12.3456789000e10, 110 12.3456789000E-10, 111 .5, 112 // null data 113 /*10*/ NULL, 114 null, 115 // boolean data 116 /*12*/ true, 117 false, 118 TRUE, 119 FALSE, 120 // empty data 121 /*16*/ "", 122 '', 123 // string data 124 /*18*/ "string", 125 'string', 126 $heredoc, 127 // object data 128 /*21*/ new classA(), 129 // undefined data 130 /*22*/ @$undefined_var, 131 // unset data 132 /*23*/ @$unset_var, 133 ); 134 $outputs = array( 135 "0", 136 "1", 137 "12345", 138 "-2345", 139 "10.5", 140 "-10.5", 141 "12345", 142 "1.234", 143 "0.5", 144 "", 145 "", 146 "1", 147 "", 148 "1", 149 "", 150 "", 151 "", 152 "strin", 153 "strin", 154 "hello", 155 "Class", 156 "", 157 "", 158 ); 159 $iterator = 0; 160 foreach($inputs as $input) { 161 $this->assertEquals( $outputs[$iterator] , _mb_substr($input, $start, $length) ); 162 $iterator++; 163 } 164 12 165 } 13 166 … … 35 188 } 36 189 } 190 191 /* used in test_mb_substr_phpcore */ 192 class classA { 193 public function __toString() { 194 return "Class A object"; 195 } 196 } -
branches/3.8/tests/phpunit/tests/db.php
r32317 r32390 511 511 'format' => '%s', 512 512 'charset' => $expected_charset, 513 'ascii' => false,514 513 'length' => $wpdb->get_col_length( $wpdb->posts, 'post_content' ), 515 514 ) -
branches/3.8/tests/phpunit/tests/db/charset.php
r32274 r32390 7 7 * 8 8 * @group wpdb 9 * @group security-153 9 10 */ 10 11 class Tests_DB_Charset extends WP_UnitTestCase { … … 29 30 'charset' => 'latin1', 30 31 'value' => "\xf0\x9f\x8e\xb7", 31 'expected' => "\xf0\x9f\x8e\xb7" 32 'expected' => "\xf0\x9f\x8e\xb7", 33 'length' => array( 'type' => 'char', 'length' => 100 ), 34 ), 35 'latin1_char_length' => array( 36 // latin1. latin1 never changes. 37 'charset' => 'latin1', 38 'value' => str_repeat( 'A', 11 ), 39 'expected' => str_repeat( 'A', 10 ), 40 'length' => array( 'type' => 'char', 'length' => 10 ), 41 ), 42 'latin1_byte_length' => array( 43 // latin1. latin1 never changes. 44 'charset' => 'latin1', 45 'value' => str_repeat( 'A', 11 ), 46 'expected' => str_repeat( 'A', 10 ), 47 'length' => array( 'type' => 'byte', 'length' => 10 ), 32 48 ), 33 49 'ascii' => array( … … 35 51 'charset' => 'ascii', 36 52 'value' => 'Hello World', 37 'expected' => 'Hello World' 53 'expected' => 'Hello World', 54 'length' => array( 'type' => 'char', 'length' => 100 ), 55 ), 56 'ascii_char_length' => array( 57 // ascii gets special treatment, make sure it's covered 58 'charset' => 'ascii', 59 'value' => str_repeat( 'A', 11 ), 60 'expected' => str_repeat( 'A', 10 ), 61 'length' => array( 'type' => 'char', 'length' => 10 ), 62 ), 63 'ascii_byte_length' => array( 64 // ascii gets special treatment, make sure it's covered 65 'charset' => 'ascii', 66 'value' => str_repeat( 'A', 11 ), 67 'expected' => str_repeat( 'A', 10 ), 68 'length' => array( 'type' => 'byte', 'length' => 10 ), 38 69 ), 39 70 'utf8' => array( … … 41 72 'charset' => 'utf8', 42 73 'value' => "H€llo\xf0\x9f\x98\x88World¢", 43 'expected' => 'H€lloWorld¢' 74 'expected' => 'H€lloWorld¢', 75 'length' => array( 'type' => 'char', 'length' => 100 ), 76 ), 77 'utf8_23char_length' => array( 78 // utf8 only allows <= 3-byte chars 79 'charset' => 'utf8', 80 'value' => str_repeat( "²3", 10 ), 81 'expected' => str_repeat( "²3", 5 ), 82 'length' => array( 'type' => 'char', 'length' => 10 ), 83 ), 84 'utf8_23byte_length' => array( 85 // utf8 only allows <= 3-byte chars 86 'charset' => 'utf8', 87 'value' => str_repeat( "²3", 10 ), 88 'expected' => "²3²3", 89 'length' => array( 'type' => 'byte', 'length' => 10 ), 90 ), 91 'utf8_3char_length' => array( 92 // utf8 only allows <= 3-byte chars 93 'charset' => 'utf8', 94 'value' => str_repeat( "3", 11 ), 95 'expected' => str_repeat( "3", 10 ), 96 'length' => array( 'type' => 'char', 'length' => 10 ), 97 ), 98 'utf8_3byte_length' => array( 99 // utf8 only allows <= 3-byte chars 100 'charset' => 'utf8', 101 'value' => str_repeat( "3", 11 ), 102 'expected' => "333", 103 'length' => array( 'type' => 'byte', 'length' => 10 ), 44 104 ), 45 105 'utf8mb3' => array( … … 47 107 'charset' => 'utf8mb3', 48 108 'value' => "H€llo\xf0\x9f\x98\x88World¢", 49 'expected' => 'H€lloWorld¢' 109 'expected' => 'H€lloWorld¢', 110 'length' => array( 'type' => 'char', 'length' => 100 ), 111 ), 112 'utf8mb3_23char_length' => array( 113 // utf8mb3 should behave the same an utf8 114 'charset' => 'utf8mb3', 115 'value' => str_repeat( "²3", 10 ), 116 'expected' => str_repeat( "²3", 5 ), 117 'length' => array( 'type' => 'char', 'length' => 10 ), 118 ), 119 'utf8mb3_23byte_length' => array( 120 // utf8mb3 should behave the same an utf8 121 'charset' => 'utf8mb3', 122 'value' => str_repeat( "²3", 10 ), 123 'expected' => "²3²3", 124 'length' => array( 'type' => 'byte', 'length' => 10 ), 125 ), 126 'utf8mb3_3char_length' => array( 127 // utf8mb3 should behave the same an utf8 128 'charset' => 'utf8mb3', 129 'value' => str_repeat( "3", 11 ), 130 'expected' => str_repeat( "3", 10 ), 131 'length' => array( 'type' => 'char', 'length' => 10 ), 132 ), 133 'utf8mb3_3byte_length' => array( 134 // utf8mb3 should behave the same an utf8 135 'charset' => 'utf8mb3', 136 'value' => str_repeat( "3", 10 ), 137 'expected' => "333", 138 'length' => array( 'type' => 'byte', 'length' => 10 ), 50 139 ), 51 140 'utf8mb4' => array( … … 53 142 'charset' => 'utf8mb4', 54 143 'value' => "H€llo\xf0\x9f\x98\x88World¢", 55 'expected' => "H€llo\xf0\x9f\x98\x88World¢" 144 'expected' => "H€llo\xf0\x9f\x98\x88World¢", 145 'length' => array( 'type' => 'char', 'length' => 100 ), 146 ), 147 'utf8mb4_234char_length' => array( 148 // utf8mb4 allows 4-byte characters, too 149 'charset' => 'utf8mb4', 150 'value' => str_repeat( "²3𝟜", 10 ), 151 'expected' => "²3𝟜²3𝟜²3𝟜²", 152 'length' => array( 'type' => 'char', 'length' => 10 ), 153 ), 154 'utf8mb4_234byte_length' => array( 155 // utf8mb4 allows 4-byte characters, too 156 'charset' => 'utf8mb4', 157 'value' => str_repeat( "²3𝟜", 10 ), 158 'expected' => "²3𝟜", 159 'length' => array( 'type' => 'byte', 'length' => 10 ), 160 ), 161 'utf8mb4_4char_length' => array( 162 // utf8mb4 allows 4-byte characters, too 163 'charset' => 'utf8mb4', 164 'value' => str_repeat( "𝟜", 11 ), 165 'expected' => str_repeat( "𝟜", 10 ), 166 'length' => array( 'type' => 'char', 'length' => 10 ), 167 ), 168 'utf8mb4_4byte_length' => array( 169 // utf8mb4 allows 4-byte characters, too 170 'charset' => 'utf8mb4', 171 'value' => str_repeat( "𝟜", 10 ), 172 'expected' => "𝟜𝟜", 173 'length' => array( 'type' => 'byte', 'length' => 10 ), 56 174 ), 57 175 'koi8r' => array( … … 59 177 'value' => "\xfdord\xf2ress", 60 178 'expected' => "\xfdord\xf2ress", 179 'length' => array( 'type' => 'char', 'length' => 100 ), 180 ), 181 'koi8r_char_length' => array( 182 'charset' => 'koi8r', 183 'value' => str_repeat( "\xfd\xf2", 10 ), 184 'expected' => str_repeat( "\xfd\xf2", 5 ), 185 'length' => array( 'type' => 'char', 'length' => 10 ), 186 ), 187 'koi8r_byte_length' => array( 188 'charset' => 'koi8r', 189 'value' => str_repeat( "\xfd\xf2", 10 ), 190 'expected' => str_repeat( "\xfd\xf2", 5 ), 191 'length' => array( 'type' => 'byte', 'length' => 10 ), 61 192 ), 62 193 'hebrew' => array( … … 64 195 'value' => "\xf9ord\xf7ress", 65 196 'expected' => "\xf9ord\xf7ress", 197 'length' => array( 'type' => 'char', 'length' => 100 ), 198 ), 199 'hebrew_char_length' => array( 200 'charset' => 'hebrew', 201 'value' => str_repeat( "\xf9\xf7", 10 ), 202 'expected' => str_repeat( "\xf9\xf7", 5 ), 203 'length' => array( 'type' => 'char', 'length' => 10 ), 204 ), 205 'hebrew_byte_length' => array( 206 'charset' => 'hebrew', 207 'value' => str_repeat( "\xf9\xf7", 10 ), 208 'expected' => str_repeat( "\xf9\xf7", 5 ), 209 'length' => array( 'type' => 'byte', 'length' => 10 ), 66 210 ), 67 211 'cp1251' => array( … … 69 213 'value' => "\xd8ord\xd0ress", 70 214 'expected' => "\xd8ord\xd0ress", 215 'length' => array( 'type' => 'char', 'length' => 100 ), 216 ), 217 'cp1251_char_length' => array( 218 'charset' => 'cp1251', 219 'value' => str_repeat( "\xd8\xd0", 10 ), 220 'expected' => str_repeat( "\xd8\xd0", 5 ), 221 'length' => array( 'type' => 'char', 'length' => 10 ), 222 ), 223 'cp1251_byte_length' => array( 224 'charset' => 'cp1251', 225 'value' => str_repeat( "\xd8\xd0", 10 ), 226 'expected' => str_repeat( "\xd8\xd0", 5 ), 227 'length' => array( 'type' => 'byte', 'length' => 10 ), 71 228 ), 72 229 'tis620' => array( … … 74 231 'value' => "\xccord\xe3ress", 75 232 'expected' => "\xccord\xe3ress", 233 'length' => array( 'type' => 'char', 'length' => 100 ), 234 ), 235 'tis620_char_length' => array( 236 'charset' => 'tis620', 237 'value' => str_repeat( "\xcc\xe3", 10 ), 238 'expected' => str_repeat( "\xcc\xe3", 5 ), 239 'length' => array( 'type' => 'char', 'length' => 10 ), 240 ), 241 'tis620_byte_length' => array( 242 'charset' => 'tis620', 243 'value' => str_repeat( "\xcc\xe3", 10 ), 244 'expected' => str_repeat( "\xcc\xe3", 5 ), 245 'length' => array( 'type' => 'byte', 'length' => 10 ), 76 246 ), 77 247 'false' => array( … … 79 249 'charset' => false, 80 250 'value' => 100, 81 'expected' => 100 251 'expected' => 100, 252 'length' => false, 82 253 ), 83 254 ); … … 95 266 'charset' => 'big5', 96 267 'value' => $big5, 97 'expected' => $big5 268 'expected' => $big5, 269 'length' => array( 'type' => 'char', 'length' => 100 ), 270 ); 271 272 $fields['big5_char_length'] = array( 273 'charset' => 'big5', 274 'value' => str_repeat( $big5, 10 ), 275 'expected' => str_repeat( $big5, 3 ) . 'a', 276 'length' => array( 'type' => 'char', 'length' => 10 ), 277 ); 278 279 $fields['big5_byte_length'] = array( 280 'charset' => 'big5', 281 'value' => str_repeat( $big5, 10 ), 282 'expected' => str_repeat( $big5, 2 ) . 'a', 283 'length' => array( 'type' => 'byte', 'length' => 10 ), 98 284 ); 99 285 } … … 167 353 168 354 $all_ascii_fields = array( 169 'post_content' => array( 'value' => 'foo foo foo!', 'format' => '%s', 'charset' => false),170 'post_excerpt' => array( 'value' => 'bar bar bar!', 'format' => '%s', 'charset' => false),355 'post_content' => array( 'value' => 'foo foo foo!', 'format' => '%s', 'charset' => $charset ), 356 'post_excerpt' => array( 'value' => 'bar bar bar!', 'format' => '%s', 'charset' => $charset ), 171 357 ); 172 358 173 359 // This is the same data used in process_field_charsets_for_nonexistent_table() 174 360 $non_ascii_string_fields = array( 175 'post_content' => array( 'value' => '¡foo foo foo!', 'format' => '%s', 'charset' => $charset , 'ascii' => false),176 'post_excerpt' => array( 'value' => '¡bar bar bar!', 'format' => '%s', 'charset' => $charset , 'ascii' => false),361 'post_content' => array( 'value' => '¡foo foo foo!', 'format' => '%s', 'charset' => $charset ), 362 'post_excerpt' => array( 'value' => '¡bar bar bar!', 'format' => '%s', 'charset' => $charset ), 177 363 ); 178 364 … … 541 727 self::$_wpdb->query( $drop ); 542 728 } 729 730 function test_strip_invalid_test_for_column_bails_if_ascii_input_too_long() { 731 global $wpdb; 732 733 // TEXT column 734 $stripped = $wpdb->strip_invalid_text_for_column( $wpdb->comments, 'comment_content', str_repeat( 'A', 65536 ) ); 735 $this->assertEquals( 65535, strlen( $stripped ) ); 736 737 // VARCHAR column 738 $stripped = $wpdb->strip_invalid_text_for_column( $wpdb->comments, 'comment_agent', str_repeat( 'A', 256 ) ); 739 $this->assertEquals( 255, strlen( $stripped ) ); 740 } 543 741 }
Note: See TracChangeset
for help on using the changeset viewer.