David A. Windham
david
/
wp
1
0
Fork 0
Files Issues 0 Pull Requests 0
Tree: fd233eac72
Branches Tags
wp
/
tests
/
phpunit
/
tests
/
formatting
/
WPSpecialchars.php

WPSpecialchars.php 3.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100 
  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * @group formatting
    5. 

  5.  */
    6. 

  6. class Tests_Formatting_WPSpecialchars extends WP_UnitTestCase {
    7. 

  7. 	function test_wp_specialchars_basics() {
    8. 

  8. 		$html = '&amp;&lt;hello world&gt;';
    9. 

  9. 		$this->assertSame( $html, _wp_specialchars( $html ) );
    10. 

  10. 

  11. 		$double = '&amp;amp;&amp;lt;hello world&amp;gt;';
    12. 

  12. 		$this->assertSame( $double, _wp_specialchars( $html, ENT_NOQUOTES, false, true ) );
    13. 

  13. 	}
    14. 

  14. 

  15. 	function test_allowed_entity_names() {
    16. 

  16. 		global $allowedentitynames;
    17. 

  17. 

  18. 		// Allowed entities should be unchanged.
    19. 

  19. 		foreach ( $allowedentitynames as $ent ) {
    20. 

  20. 			if ( 'apos' === $ent ) {
    21. 

  21. 				// But for some reason, PHP doesn't allow &apos;
    22. 

  22. 				continue;
    23. 

  23. 			}
    24. 

  24. 			$ent = '&' . $ent . ';';
    25. 

  25. 			$this->assertSame( $ent, _wp_specialchars( $ent ) );
    26. 

  26. 		}
    27. 

  27. 	}
    28. 

  28. 

  29. 	function test_not_allowed_entity_names() {
    30. 

  30. 		$ents = array( 'iacut', 'aposs', 'pos', 'apo', 'apo?', 'apo.*', '.*apo.*', 'apos ', ' apos', ' apos ' );
    31. 

  31. 

  32. 		foreach ( $ents as $ent ) {
    33. 

  33. 			$escaped = '&amp;' . $ent . ';';
    34. 

  34. 			$ent     = '&' . $ent . ';';
    35. 

  35. 			$this->assertSame( $escaped, _wp_specialchars( $ent ) );
    36. 

  36. 		}
    37. 

  37. 	}
    38. 

  38. 

  39. 	function test_optionally_escapes_quotes() {
    40. 

  40. 		$source = "\"'hello!'\"";
    41. 

  41. 		$this->assertSame( '"&#039;hello!&#039;"', _wp_specialchars( $source, 'single' ) );
    42. 

  42. 		$this->assertSame( "&quot;'hello!'&quot;", _wp_specialchars( $source, 'double' ) );
    43. 

  43. 		$this->assertSame( '&quot;&#039;hello!&#039;&quot;', _wp_specialchars( $source, true ) );
    44. 

  44. 		$this->assertSame( $source, _wp_specialchars( $source ) );
    45. 

  45. 	}
    46. 

  46. 

  47. 	/**
    48. 

  48. 	 * Check some of the double-encoding features for entity references.
    49. 

  49. 	 *
    50. 

  50. 	 * @ticket 17780
    51. 

  51. 	 * @dataProvider data_double_encoding
    52. 

  52. 	 */
    53. 

  53. 	function test_double_encoding( $input, $output ) {
    54. 

  54. 		return $this->assertSame( $output, _wp_specialchars( $input, ENT_NOQUOTES, false, true ) );
    55. 

  55. 	}
    56. 

  56. 

  57. 	function data_double_encoding() {
    58. 

  58. 		return array(
    59. 

  59. 			array(
    60. 

  60. 				'This & that, this &amp; that, &#8212; &quot; &QUOT; &Uacute; &nbsp; &#34; &#034; &#0034; &#x00022; &#x22; &dollar; &times;',
    61. 

  61. 				'This &amp; that, this &amp;amp; that, &amp;#8212; &amp;quot; &amp;QUOT; &amp;Uacute; &amp;nbsp; &amp;#34; &amp;#034; &amp;#0034; &amp;#x00022; &amp;#x22; &amp;dollar; &amp;times;',
    62. 

  62. 			),
    63. 

  63. 			array(
    64. 

  64. 				'&& &&amp; &amp;&amp; &amp;;',
    65. 

  65. 				'&amp;&amp; &amp;&amp;amp; &amp;amp;&amp;amp; &amp;amp;;',
    66. 

  66. 			),
    67. 

  67. 			array(
    68. 

  68. 				'&garbage; &***; &aaaa; &0000; &####; &;;',
    69. 

  69. 				'&amp;garbage; &amp;***; &amp;aaaa; &amp;0000; &amp;####; &amp;;;',
    70. 

  70. 			),
    71. 

  71. 		);
    72. 

  72. 	}
    73. 

  73. 

  74. 	/**
    75. 

  75. 	 * Check some of the double-encoding features for entity references.
    76. 

  76. 	 *
    77. 

  77. 	 * @ticket 17780
    78. 

  78. 	 * @dataProvider data_no_double_encoding
    79. 

  79. 	 */
    80. 

  80. 	function test_no_double_encoding( $input, $output ) {
    81. 

  81. 		return $this->assertSame( $output, _wp_specialchars( $input, ENT_NOQUOTES, false, false ) );
    82. 

  82. 	}
    83. 

  83. 

  84. 	function data_no_double_encoding() {
    85. 

  85. 		return array(
    86. 

  86. 			array(
    87. 

  87. 				'This & that, this &amp; that, &#8212; &quot; &QUOT; &Uacute; &nbsp; &#34; &#034; &#0034; &#x00022; &#x22; &dollar; &times;',
    88. 

  88. 				'This &amp; that, this &amp; that, &#8212; &quot; &amp;QUOT; &Uacute; &nbsp; &#034; &#034; &#034; &#x22; &#x22; &amp;dollar; &times;',
    89. 

  89. 			),
    90. 

  90. 			array(
    91. 

  91. 				'&& &&amp; &amp;&amp; &amp;;',
    92. 

  92. 				'&amp;&amp; &amp;&amp; &amp;&amp; &amp;;',
    93. 

  93. 			),
    94. 

  94. 			array(
    95. 

  95. 				'&garbage; &***; &aaaa; &0000; &####; &;;',
    96. 

  96. 				'&amp;garbage; &amp;***; &amp;aaaa; &amp;0000; &amp;####; &amp;;;',
    97. 

  97. 			),
    98. 

  98. 		);
    99. 

  99. 	}
    100. 

  100. }
    101.