Changeset 7469 for trunk/tests/testcases/activity/functions.php

Timestamp:

10/23/2013 06:47:16 PM (11 years ago)

Author:

boonebgorges

Message:

Sanitize more gently in component *_update_meta() functions

Previous sanitization techniques resulted in double-sanitization. Recent
changes in how WP's SQL sanitization routines work have surfaced this problem,
in particular as regards line breaks. By removing the extraneous call to
esc_sql(), we ensure that line breaks are preserved, and sanitization is left
to $wpdb->prepare().

Change applied in update_meta() functions through bp-groups, bp-activity, and
bp-xprofile. Also adds corresponding unit tests.

Fixes #5180

File:

• trunk/tests/testcases/activity/functions.php (modified) (1 diff)

trunk/tests/testcases/activity/functions.php

@@ -87 +87 @@
         $this->assertEquals( false, $m3 );
     }
+
+    /**
+     * @group bp_activity_update_meta
+     * @ticket BP5180
+     */
+    public function test_bp_activity_update_meta_with_line_breaks() {
+        $a = $this->factory->activity->create();
+        $meta_value = 'Foo!
+
+
+Bar!';
+        bp_activity_update_meta( $a, 'linebreak_test', $meta_value );
+        $this->assertEquals( $meta_value, bp_activity_get_meta( $a, 'linebreak_test' ) );
+    }
 }