Changeset 7469 for trunk/tests/testcases/groups/functions.php

Timestamp:

10/23/2013 06:47:16 PM (11 years ago)

Author:

boonebgorges

Message:

Sanitize more gently in component *_update_meta() functions

Previous sanitization techniques resulted in double-sanitization. Recent
changes in how WP's SQL sanitization routines work have surfaced this problem,
in particular as regards line breaks. By removing the extraneous call to
esc_sql(), we ensure that line breaks are preserved, and sanitization is left
to $wpdb->prepare().

Change applied in update_meta() functions through bp-groups, bp-activity, and
bp-xprofile. Also adds corresponding unit tests.

Fixes #5180

File:

• trunk/tests/testcases/groups/functions.php (modified) (1 diff)

trunk/tests/testcases/groups/functions.php

@@ -270 +270 @@
         $this->assertEquals( 1, groups_get_groupmeta( $g, 'total_member_count' ) );
     }
+
+    /**
+     * @group groupmeta
+     * @ticket BP5180
+     */
+    public function test_groups_update_groupmeta_with_line_breaks() {
+        $g = $this->factory->group->create();
+        $meta_value = 'Foo!
+
+Bar!';
+        groups_update_groupmeta( $g, 'linebreak_test', $meta_value );
+
+        $this->assertEquals( $meta_value, groups_get_groupmeta( $g, 'linebreak_test' ) );
+    }
 }