Make WordPress Core

Changeset 37747


Ignore:
Timestamp:
06/19/2016 12:01:11 PM (8 years ago)
Author:
swissspidy
Message:

Permalinks: Validate custom permalink structures.

Custom permalink structures require at least one valid structure tag, e.g. %postname%. If none is included, it would leave users with broken permalinks.
Let's make sure this won't happen by validating the permalink structure.

Adds unit tests.

Props rockwell15 for initial patch.
Fixes #35936.

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/options-permalink.php

    r36142 r37747  
    8383                $permalink_structure = $blog_prefix . $permalink_structure;
    8484        }
     85
     86        $permalink_structure = sanitize_option( 'permalink_structure', $permalink_structure );
     87
    8588        $wp_rewrite->set_permalink_structure( $permalink_structure );
    8689    }
     
    99102        $wp_rewrite->set_tag_base( $tag_base );
    100103    }
     104
     105    $message = __( 'Permalink structure updated.' );
     106
     107    if ( $iis7_permalinks ) {
     108        if ( $permalink_structure && ! $usingpi && ! $writable ) {
     109            $message = __( 'You should update your web.config now.' );
     110        } elseif ( $permalink_structure && ! $usingpi && $writable ) {
     111            $message = __( 'Permalink structure updated. Remove write access on web.config file now!' );
     112        }
     113    } elseif ( ! $is_nginx && $permalink_structure && ! $usingpi && ! $writable && $update_required ) {
     114        $message = __( 'You should update your .htaccess now.' );
     115    }
     116
     117    if ( ! get_settings_errors() ) {
     118        add_settings_error( 'general', 'settings_updated', $message, 'updated' );
     119    }
     120
     121    set_transient( 'settings_errors', get_settings_errors(), 30 );
    101122
    102123    wp_redirect( admin_url( 'options-permalink.php?settings-updated=true' ) );
     
    126147}
    127148
    128 if ( $wp_rewrite->using_index_permalinks() )
    129     $usingpi = true;
    130 else
    131     $usingpi = false;
     149$usingpi = $wp_rewrite->using_index_permalinks();
    132150
    133151flush_rewrite_rules();
    134152
    135153require( ABSPATH . 'wp-admin/admin-header.php' );
    136 
    137 if ( ! empty( $_GET['settings-updated'] ) ) : ?>
    138 <div id="message" class="updated notice is-dismissible"><p><?php
    139 if ( ! is_multisite() ) {
    140     if ( $iis7_permalinks ) {
    141         if ( $permalink_structure && ! $usingpi && ! $writable ) {
    142             _e('You should update your web.config now.');
    143         } elseif ( $permalink_structure && ! $usingpi && $writable ) {
    144             _e('Permalink structure updated. Remove write access on web.config file now!');
    145         } else {
    146             _e('Permalink structure updated.');
    147         }
    148     } elseif ( $is_nginx ) {
    149         _e('Permalink structure updated.');
    150     } else {
    151         if ( $permalink_structure && ! $usingpi && ! $writable && $update_required ) {
    152             _e('You should update your .htaccess now.');
    153         } else {
    154             _e('Permalink structure updated.');
    155         }
    156     }
    157 } else {
    158     _e('Permalink structure updated.');
    159 }
    160154?>
    161 </p></div>
    162 <?php endif; ?>
    163 
    164155<div class="wrap">
    165156<h1><?php echo esc_html( $title ); ?></h1>
  • trunk/src/wp-includes/formatting.php

    r37698 r37747  
    42054205                $value = str_replace( 'http://', '', $value );
    42064206            }
     4207
     4208            if ( 'permalink_structure' === $option && '' !== $value && ! preg_match( '/%[^\/%]+%/', $value ) ) {
     4209                $error = sprintf(
     4210                    /* translators: %s: Codex URL */
     4211                    __( 'A structure tag is required when using custom permalinks. <a href="%s">Learn more</a>' ),
     4212                    __( 'https://codex.wordpress.org/Using_Permalinks#Choosing_your_permalink_structure' )
     4213                );
     4214            }
    42074215            break;
    42084216
  • trunk/tests/phpunit/tests/option/sanitize-option.php

    r37470 r37747  
    120120        $this->assertSame( $expected, sanitize_option( 'blogdescription', $value ) );
    121121    }
     122
     123    /**
     124     * @dataProvider permalink_structure_provider
     125     */
     126    public function test_sanitize_permalink_structure( $provided, $expected, $valid ) {
     127        global $wp_settings_errors;
     128
     129        $old_wp_settings_errors = (array) $wp_settings_errors;
     130
     131        $actual = sanitize_option( 'permalink_structure', $provided);
     132        $errors = get_settings_errors( 'permalink_structure' );
     133
     134        // Clear errors.
     135        $wp_settings_errors = $old_wp_settings_errors;
     136
     137        if ( $valid ) {
     138            $this->assertEmpty( $errors );
     139        } else {
     140            $this->assertNotEmpty( $errors );
     141            $this->assertEquals( 'invalid_permalink_structure', $errors[0]['code'] );
     142        }
     143
     144        $this->assertEquals( $expected, $actual );
     145    }
     146
     147    public function permalink_structure_provider() {
     148        return array(
     149            array( '', '', true ),
     150            array( '%postname', false, false ),
     151            array( '%/%', false, false ),
     152            array( '%%%', false, false ),
     153            array( '%a%', '%a%', true ),
     154            array( '%postname%', '%postname%', true ),
     155            array( '/%postname%/', '/%postname%/', true ),
     156            array( '/%year%/%monthnum%/%day%/%postname%/', '/%year%/%monthnum%/%day%/%postname%/', true ),
     157            array( '/%year/%postname%/', '/%year/%postname%/', true ),
     158        );
     159    }
    122160}
Note: See TracChangeset for help on using the changeset viewer.