Make WordPress Core

Changeset 46650


Ignore:
Timestamp:
11/04/2019 03:04:41 PM (5 years ago)
Author:
SergeyBiryukov
Message:

Login and Registration: Simplify the test for wp_signon() added in [46640].

Make sure it actually tests the change in behavior, previously it passed both before and after the patch.

Add wp_unslash() to the last remaining instance of $_POST['user_login'] that didn't have it.

See #38744.

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-login.php

    r46640 r46650  
    374374        }
    375375    } else {
    376         $login     = trim( $_POST['user_login'] );
     376        $login     = trim( wp_unslash( $_POST['user_login'] ) );
    377377        $user_data = get_user_by( 'login', $login );
    378378    }
  • trunk/tests/phpunit/tests/auth.php

    r46586 r46650  
    388388     * @ticket 9568
    389389     */
    390     function test_log_in_using_email() {
     390    public function test_log_in_using_email() {
    391391        $user_args = array(
    392392            'user_login' => 'johndoe',
     
    399399        $this->assertInstanceOf( 'WP_User', wp_authenticate( $user_args['user_login'], $user_args['user_pass'] ) );
    400400    }
     401
     402    /**
     403     * @ticket 38744
     404     */
     405    public function test_wp_signon_using_email_with_an_apostrophe() {
     406        $user_args = array(
     407            'user_email' => "mail\'@example.com",
     408            'user_pass'  => 'password',
     409        );
     410        $this->factory()->user->create( $user_args );
     411
     412        $_POST['log'] = $user_args['user_email'];
     413        $_POST['pwd'] = $user_args['user_pass'];
     414        $this->assertInstanceOf( 'WP_User', wp_signon() );
     415    }
     416
    401417}
  • trunk/tests/phpunit/tests/user.php

    r46643 r46650  
    3636        self::$user_ids[] = self::$contrib_id;
    3737
    38         self::$user_ids[] = $factory->user->create(
    39             array(
    40                 'user_login'    => "testemailaddress'@test.com",
    41                 'user_nicename' => 'user_email_with_apostrophe',
    42                 'user_pass'     => 'password',
    43                 'first_name'    => 'John',
    44                 'last_name'     => 'Doe',
    45                 'display_name'  => 'John Doe',
    46                 'user_email'    => "testemailaddress'@test.com",
    47                 'user_url'      => 'http://tacos.com',
    48                 'role'          => 'contributor',
    49                 'nickname'      => 'Johnny',
    50                 'description'   => 'I am a WordPress user that cares about privacy.',
    51             )
    52         );
    53 
    5438        self::$author_id  = $factory->user->create(
    5539            array(
     
    6549        self::$editor_id  = $factory->user->create(
    6650            array(
     51                'user_email' => 'test@test.com',
    6752                'role'       => 'editor',
    68                 'user_email' => 'test@test.com',
    6953            )
    7054        );
     
    8064
    8165        $this->author = clone self::$_author;
    82     }
    83 
    84     public function test_that_you_can_login_with_an_email_that_has_apostrophe() {
    85 
    86         // Create the user with an email that has an apostrophe (see test setup).
    87 
    88         // Login as the user.
    89         $credentials = [
    90             'user_login'    => "testemailaddress'@test.com",
    91             'user_password' => 'password',
    92         ];
    93 
    94         // Attempt to login.
    95         $user = wp_signon( $credentials );
    96 
    97         // Assert that the login was successfull.
    98         // If the login fails, an instance of WP_Error is returned rather than User object.
    99         $this->assertNotWPError( $user );
    10066    }
    10167
Note: See TracChangeset for help on using the changeset viewer.