From a97f0a2c199e7a602b8738b3706c4c13ffc77277 Mon Sep 17 00:00:00 2001 From: Pascal Birchler Date: Sun, 19 Jun 2016 12:02:29 +0000 Subject: [PATCH] Permalinks: Validate custom permalink structures. Custom permalink structures require at least one valid structure tag, e.g. `%postname%`. If none is included, it would leave users with broken permalinks. Let's make sure this won't happen by validating the permalink structure. Adds unit tests. Props rockwell15 for initial patch. Fixes #35936. Built from https://develop.svn.wordpress.org/trunk@37747 git-svn-id: http://core.svn.wordpress.org/trunk@37712 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/options-permalink.php | 53 ++++++++++++++-------------------- wp-includes/formatting.php | 8 +++++ wp-includes/version.php | 2 +- 3 files changed, 31 insertions(+), 32 deletions(-) diff --git a/wp-admin/options-permalink.php b/wp-admin/options-permalink.php index 6fab4d2143..78b8d49dde 100644 --- a/wp-admin/options-permalink.php +++ b/wp-admin/options-permalink.php @@ -82,6 +82,9 @@ if ( isset($_POST['permalink_structure']) || isset($_POST['category_base']) ) { else $permalink_structure = $blog_prefix . $permalink_structure; } + + $permalink_structure = sanitize_option( 'permalink_structure', $permalink_structure ); + $wp_rewrite->set_permalink_structure( $permalink_structure ); } @@ -99,6 +102,24 @@ if ( isset($_POST['permalink_structure']) || isset($_POST['category_base']) ) { $wp_rewrite->set_tag_base( $tag_base ); } + $message = __( 'Permalink structure updated.' ); + + if ( $iis7_permalinks ) { + if ( $permalink_structure && ! $usingpi && ! $writable ) { + $message = __( 'You should update your web.config now.' ); + } elseif ( $permalink_structure && ! $usingpi && $writable ) { + $message = __( 'Permalink structure updated. Remove write access on web.config file now!' ); + } + } elseif ( ! $is_nginx && $permalink_structure && ! $usingpi && ! $writable && $update_required ) { + $message = __( 'You should update your .htaccess now.' ); + } + + if ( ! get_settings_errors() ) { + add_settings_error( 'general', 'settings_updated', $message, 'updated' ); + } + + set_transient( 'settings_errors', get_settings_errors(), 30 ); + wp_redirect( admin_url( 'options-permalink.php?settings-updated=true' ) ); exit; } @@ -125,42 +146,12 @@ if ( $iis7_permalinks ) { } } -if ( $wp_rewrite->using_index_permalinks() ) - $usingpi = true; -else - $usingpi = false; +$usingpi = $wp_rewrite->using_index_permalinks(); flush_rewrite_rules(); require( ABSPATH . 'wp-admin/admin-header.php' ); - -if ( ! empty( $_GET['settings-updated'] ) ) : ?> -

-

- -

diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php index 9697c66c7b..905e6b2388 100644 --- a/wp-includes/formatting.php +++ b/wp-includes/formatting.php @@ -4204,6 +4204,14 @@ function sanitize_option( $option, $value ) { $value = esc_url_raw( $value ); $value = str_replace( 'http://', '', $value ); } + + if ( 'permalink_structure' === $option && '' !== $value && ! preg_match( '/%[^\/%]+%/', $value ) ) { + $error = sprintf( + /* translators: %s: Codex URL */ + __( 'A structure tag is required when using custom permalinks. Learn more' ), + __( 'https://codex.wordpress.org/Using_Permalinks#Choosing_your_permalink_structure' ) + ); + } break; case 'default_role' : diff --git a/wp-includes/version.php b/wp-includes/version.php index e9f77dedb6..94b1c5f869 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.6-alpha-37746'; +$wp_version = '4.6-alpha-37747'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.