Merge branch '8.x' of git.drupal.org:project/drupal into 8.x
Dries
commit
d9964fc606
|
|
@ -47,15 +47,13 @@ class UserAutocompleteTest extends WebTestBase {
|
|||
// Using first letter of the user's name, make sure the user's full name is in the results.
|
||||
$this->assertRaw($this->unprivileged_user->name, 'User name found in autocompletion results.');
|
||||
|
||||
// Test that anonymous username is in the result.
|
||||
$anonymous_name = $this->randomString();
|
||||
$anonymous_name = $this->randomString() . '<script>alert();</script>';
|
||||
config('user.settings')->set('anonymous', $anonymous_name)->save();
|
||||
$this->drupalGet('user/autocomplete', array('query' => array('q' => drupal_substr($anonymous_name, 0, 4), 'anonymous' => '1')));
|
||||
// Encode the anonymous name in the same way as JsonResponse does.
|
||||
// @see \Symfony\Component\HttpFoundation\JsonResponse::setData()
|
||||
$anonymous_name_safe = json_encode($anonymous_name, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT);
|
||||
$this->assertRaw($anonymous_name_safe, 'The anonymous name found in autocompletion results.');
|
||||
$this->drupalGet('user/autocomplete', array('query' => array('q' => drupal_substr($anonymous_name, 0, 4))));
|
||||
$this->assertNoRaw($anonymous_name_safe, 'The anonymous name not found in autocompletion results without enabling anonymous username.');
|
||||
// Test that anonymous username is in the result when requested and escaped
|
||||
// with check_plain().
|
||||
$users = $this->drupalGetAjax('user/autocomplete/anonymous', array('query' => array('q' => drupal_substr($anonymous_name, 0, 4))));
|
||||
$this->assertTrue(in_array(check_plain($anonymous_name), $users), 'The anonymous name found in autocompletion results.');
|
||||
$users = $this->drupalGetAjax('user/autocomplete', array('query' => array('q' => drupal_substr($anonymous_name, 0, 4))));
|
||||
$this->assertFalse(isset($users[$anonymous_name]), 'The anonymous name not found in autocompletion results without enabling anonymous username.');
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -917,6 +917,15 @@ function user_menu() {
|
|||
'file' => 'user.pages.inc',
|
||||
);
|
||||
|
||||
$items['user/autocomplete/anonymous'] = array(
|
||||
'title' => 'User autocomplete including anonymous',
|
||||
'page callback' => 'user_autocomplete',
|
||||
'page arguments' => array(TRUE),
|
||||
'access callback' => 'user_access',
|
||||
'access arguments' => array('access user profiles'),
|
||||
'type' => MENU_CALLBACK,
|
||||
'file' => 'user.pages.inc',
|
||||
);
|
||||
// Registration and login pages.
|
||||
$items['user'] = array(
|
||||
'title' => 'User account',
|
||||
|
|
|
|||
|
|
@ -15,26 +15,24 @@ use Symfony\Component\HttpKernel\HttpKernelInterface;
|
|||
* Menu callback for user autocompletion.
|
||||
*
|
||||
* Like other autocomplete functions, this function inspects the 'q' query
|
||||
* parameter for the string to use to search for suggestions. If the name used
|
||||
* to indicate anonymous users (e.g. "Anonymous") is to be included as a
|
||||
* possible suggestion, the 'anonymous' query parameter should be set
|
||||
* additionally. For example, http://example.com/user/autocomplete?q=An might
|
||||
* return "Andrew" and "Anne", while
|
||||
* http://example.com/user/autocomplete?q=An&anonymous=1 will additionally
|
||||
* return "Anonymous".
|
||||
* parameter for the string to use to search for suggestions.
|
||||
*
|
||||
* @param bool $include_anonymous
|
||||
* (optional) TRUE if the the name used to indicate anonymous users (e.g.
|
||||
* "Anonymous") should be autocompleted. Defaults to FALSE.
|
||||
*
|
||||
* @return \Symfony\Component\HttpFoundation\JsonResponse
|
||||
* A JSON response containing the autocomplete suggestions for existing users.
|
||||
*/
|
||||
function user_autocomplete() {
|
||||
function user_autocomplete($include_anonymous = FALSE) {
|
||||
$matches = array();
|
||||
$query = drupal_container()->get('request')->query;
|
||||
if ($string = $query->get('q')) {
|
||||
if ($query->get('anonymous')) {
|
||||
if ($include_anonymous) {
|
||||
$anonymous_name = config('user.settings')->get('anonymous');
|
||||
// Allow autocompletion for the anonymous user.
|
||||
if (stripos($anonymous_name, $string) !== FALSE) {
|
||||
$matches[$anonymous_name] = $anonymous_name;
|
||||
$matches[$anonymous_name] = check_plain($anonymous_name);
|
||||
}
|
||||
}
|
||||
$result = db_select('users')->fields('users', array('name'))->condition('name', db_like($string) . '%', 'LIKE')->range(0, 10)->execute();
|
||||
|
|
|
|||
Loading…
Reference in New Issue