Regex Failure in check_comment()

[miqrogroove]

"Hold a comment in the queue if it contains 1 more more links." This setting does not work. Comments with links are being posted without moderation.

At the top of comment.php, WordPress is using the wrong regex:

"|(href\t*?=\t*?['\"]?)?(https?:)?|i"

This is the wrong pattern because WordPress is much more liberal about displaying links in comments.

default-filters.php calls

add_filter('comment_text', 'make_clickable', 9);

And in formatting.php we have

function make_clickable($ret) {
$ret = ' ' . $ret;
in testing, using arrays here was found to be faster
$ret = preg_replace_callback('#([\s>])([\w]+?:[\w\#$%&~/.\-;:=,?@\[\]+]*)#is', '_make_url_clickable_cb', $ret);
$ret = preg_replace_callback('#([\s>])((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*)#is', '_make_web_ftp_clickable_cb', $ret);
$ret = preg_replace_callback('#([\s>])([.0-9a-z_+-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,})#i', '_make_email_clickable_cb', $ret);
this one is not in an array because we need it to run last, for cleanup of accidental links within links
$ret = preg_replace("#(<a( [^{>]+?>|>))]+?>([}>]+?)#i", "$1$3", $ret);
$ret = trim($ret);
return $ret;
}

Now contrast this against the filter being used by check_comment(), which is only "|(href\t*?=\t*?['\"]?)?(https?:)?|i"

Copied from ​http://wordpress.org/support/topic/222956

Please mark duplicate of #7821. I found this fixed in SVN at revision 9782.

NOT FIXED in 2.7! I will post details as I find them.

bah, false alarm. I could have sworn this was acting up again...