bp_verify_nonce_request() not working correctly for those using a port in URL

[r-a-y]

When a site is using a port for their home URL, bp_verify_nonce_request() can sometimes fail.

bp_verify_nonce_request() fails if these three conditions are met:

• WordPress is installed in a subdirectory
• Site is using a port number in the WP home URL
• $_SERVER['HTTP_HOST'] returns the port number as well

See:
​https://buddypress.org/support/topic/bp_verify_nonce_request-not-working/#post-241018

In that user's debugging, the port is duplicated twice due to $_SERVER['HTTP_HOST'] including the port number and we're appending the port number again with $_SERVER['SERVER_PORT'].

Attached patch only appends $_SERVER['SERVER_PORT'] if $_SERVER['HTTP_HOST'] does not already include the port number.

Patch also includes a unit test describing the above use case.

I can write more unit tests if desired.

[boonebgorges]

+1 from me.

[DJPaul]

LGTM :)

[r-a-y]

In 10044:

Core: Fix issue with bp_verify_nonce_request() when a port is used in the home URL.

When a site is using a port for their home URL, bp_verify_nonce_request()
can sometimes fail. This is because the port is duplicated twice due to
$_SERVER['HTTP_HOST'] including the port number and we're appending the
port number again with $_SERVER['SERVER_PORT'].

This commit appends $_SERVER['SERVER_PORT'] if $_SERVER['HTTP_HOST']
does not already include the port number and includes a unit test.

Fixes #6528.

[r-a-y]

In 10047:

Fix unit test for bp_verify_nonce_request().

See #6528, r10046.