WordPress.org

Make WordPress Core

Changeset 33840


Ignore:
Timestamp:
09/01/2015 03:56:44 AM (4 years ago)
Author:
wonderboymusic
Message:

User Settings: allow dashes in get|set_user_setting() in PHP and get|setUserSetting() in JS.

Add unit tests - there were none. Mock set_user_setting() since it won't run due to headers_sent() being true.

Fixes #22781.

Location:
trunk
Files:
1 added
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/js/utils.js

    r29478 r33840  
    162162        secure = !! userSettings.secure;
    163163
    164     name = name.toString().replace( /[^A-Za-z0-9_]/, '' );
     164    name = name.toString().replace( /[^A-Za-z0-9_-]/, '' );
    165165
    166166    if ( typeof value === 'number' ) {
    167167        value = parseInt( value, 10 );
    168168    } else {
    169         value = value.toString().replace( /[^A-Za-z0-9_]/, '' );
     169        value = value.toString().replace( /[^A-Za-z0-9_-]/, '' );
    170170    }
    171171
  • trunk/src/wp-includes/option.php

    r33794 r33840  
    901901
    902902    if ( isset( $_COOKIE['wp-settings-' . $user_id] ) ) {
    903         $cookie = preg_replace( '/[^A-Za-z0-9=&_]/', '', $_COOKIE['wp-settings-' . $user_id] );
     903        $cookie = preg_replace( '/[^A-Za-z0-9=&_-]/', '', $_COOKIE['wp-settings-' . $user_id] );
    904904
    905905        if ( strpos( $cookie, '=' ) ) { // '=' cannot be 1st char
     
    941941    $settings = '';
    942942    foreach ( $user_settings as $name => $value ) {
    943         $_name = preg_replace( '/[^A-Za-z0-9_]+/', '', $name );
    944         $_value = preg_replace( '/[^A-Za-z0-9_]+/', '', $value );
     943        $_name = preg_replace( '/[^A-Za-z0-9_-]+/', '', $name );
     944        $_value = preg_replace( '/[^A-Za-z0-9_-]+/', '', $value );
    945945
    946946        if ( ! empty( $_name ) ) {
Note: See TracChangeset for help on using the changeset viewer.