Fix PayPal donation URL validation for complex query strings

[davidperezgar]

Description

Fixes #1150 — PayPal donation URLs with complex query strings are now correctly recognized as valid.

The donate link validation incorrectly flagged valid PayPal donation URLs as invalid when they contained URLs in query parameters (e.g., return=https://wordpress.org/plugins/my-plugin/).

Changes

• Updated is_valid_url() method (includes/Traits/URL_Utils.php):

  • Replaced strict filter_var() validation with a more lenient approach using wp_parse_url()
  • Added proper handling for when wp_parse_url() returns false or non-array values
  • Fixed duplicated protocol detection to only check the URL portion before the query string (?), preventing false positives when URLs appear in query parameters
  • Improved host validation to allow valid characters (alphanumeric, dots, hyphens, underscores)

• Added test cases (tests/phpunit/tests/Traits/URL_Utils_Tests.php):

  • Added test cases for PayPal donation URLs including:
    • The exact URL from issue Donate URL incorrectly flagged as invalid #1150
    • Other PayPal donation URL formats (paypal.me, paypal.com/donate, etc.)

• Added integration test (tests/phpunit/tests/Checker/Checks/Plugin_Readme_Check_Tests.php):

  • Added test_run_with_valid_paypal_donate_link() to verify the full check flow
  • Created test plugin test-plugin-plugin-readme-valid-paypal-donate with a valid PayPal donation URL

Benefits

• PayPal donation URLs with complex query strings are now correctly validated
• Reduces false positives for valid donation links
• Maintains security by still detecting truly invalid URLs and duplicated protocols
• Better handling of URLs that contain other URLs in query parameters

Checklist

• Code follows WordPress Coding Standards
• Self-reviewed the code
• Added necessary comments
• No new linter errors
• Added test cases to prevent regression
• All existing tests pass
• New tests pass

[github-actions]

The following accounts have interacted with this PR and/or linked issues. I will continue to update these lists as activity occurs. You can also manually ask me to refresh this list by adding the props-bot label.

If you're merging code through a pull request on GitHub, copy and paste the following into the bottom of the merge commit message.

Co-authored-by: davidperezgar <davidperez@git.wordpress.org>
Co-authored-by: ernilambar <nilambar@git.wordpress.org>
Co-authored-by: frantorres <frantorres@git.wordpress.org>

To understand the WordPress project's expectations around crediting contributors, please review the Contributor Attribution page in the Core Handbook.