WordPress.org

Make WordPress Core

Ticket #16979: 16979.diff

File 16979.diff, 6.0 KB (added by dd32, 3 years ago)
  • wp-comments-post.php

     
    8080                wp_die( __('Error: please enter a valid email address.') ); 
    8181} 
    8282 
    83 if ( '' == $comment_content ) 
    84         wp_die( __('Error: please type a comment.') ); 
    85  
    8683$comment_parent = isset($_POST['comment_parent']) ? absint($_POST['comment_parent']) : 0; 
    8784 
    8885$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID'); 
  • wp-includes/comment.php

     
    604604        global $wpdb; 
    605605        extract($commentdata, EXTR_SKIP); 
    606606 
    607         // Simple duplicate check 
    608         // expected_slashed ($comment_post_ID, $comment_author, $comment_author_email, $comment_content) 
    609         $dupe = "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND comment_approved != 'trash' AND ( comment_author = '$comment_author' "; 
    610         if ( $comment_author_email ) 
    611                 $dupe .= "OR comment_author_email = '$comment_author_email' "; 
    612         $dupe .= ") AND comment_content = '$comment_content' LIMIT 1"; 
    613         if ( $wpdb->get_var($dupe) ) { 
    614                 do_action( 'comment_duplicate_trigger', $commentdata ); 
    615                 if ( defined('DOING_AJAX') ) 
    616                         die( __('Duplicate comment detected; it looks as though you’ve already said that!') ); 
     607        do_action( 'check_comment_flood', $comment_author_IP, $comment_author_email, $comment_date_gmt, $commentdata); 
    617608 
    618                 wp_die( __('Duplicate comment detected; it looks as though you’ve already said that!') ); 
    619         } 
    620  
    621         do_action( 'check_comment_flood', $comment_author_IP, $comment_author_email, $comment_date_gmt ); 
    622  
    623609        if ( isset($user_id) && $user_id) { 
    624610                $userdata = get_userdata($user_id); 
    625611                $user = new WP_User($user_id); 
     
    681667} 
    682668 
    683669/** 
     670 * Check whether the comment has been posted already 
     671 * 
     672 * 
     673 * @since 3.2.0 
     674 * @uses $wpdb 
     675 * @uses do_action() Calls 'comment_duplicate_trigger' action with the comment data 
     676 * 
     677 * @param string $ip Comment IP. 
     678 * @param string $email Comment author email address. 
     679 * @param string $date MySQL time string. 
     680 * @param array  $commentdata The pre-processed comment data 
     681 */ 
     682function check_comment_flood_duplicate($ip, $email, $date, $commentdata) { 
     683        global $wpdb; 
     684        extract($commentdata, EXTR_SKIP); 
     685 
     686        // expected_slashed ($comment_post_ID, $comment_author, $comment_author_email, $comment_content) 
     687        $dupe = "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND comment_approved != 'trash' AND ( comment_author = '$comment_author' "; 
     688        if ( $comment_author_email ) 
     689                $dupe .= "OR comment_author_email = '$comment_author_email' "; 
     690        $dupe .= ") AND comment_content = '$comment_content' LIMIT 1"; 
     691 
     692        if ( $wpdb->get_var($dupe) ) { 
     693                do_action( 'comment_duplicate_trigger', $commentdata ); 
     694                if ( defined('DOING_AJAX') ) 
     695                        die( __('Duplicate comment detected; it looks as though you’ve already said that!') ); 
     696 
     697                wp_die( __('Duplicate comment detected; it looks as though you’ve already said that!') ); 
     698        } 
     699} 
     700 
     701/** 
    684702 * Separates an array of comments into an array keyed by comment_type. 
    685703 * 
    686704 * @since 2.7.0 
     
    12231241                $comment_type = ''; 
    12241242 
    12251243        $data = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_author_IP', 'comment_date', 'comment_date_gmt', 'comment_content', 'comment_karma', 'comment_approved', 'comment_agent', 'comment_type', 'comment_parent', 'user_id'); 
     1244 
     1245        $data = apply_filters('wp_insert_comment_data', $data); // expect UNslashed 
     1246         
    12261247        $wpdb->insert($wpdb->comments, $data); 
    12271248 
    12281249        $id = (int) $wpdb->insert_id; 
     
    12891310} 
    12901311 
    12911312/** 
     1313 * Blocks empty comments by wp_die()'ing on empty comments 
     1314 * 
     1315 * This function is hooked as such: 
     1316 * <code>add_filter( 'preprocess_comment', 'disallow_empty_comments', 5);</code> 
     1317 * 
     1318 * @since 3.2.0 
     1319 * 
     1320 * @param array $commentdata the comment data 
     1321 * @return array the comment data 
     1322 */ 
     1323function disallow_empty_comments($commentdata) { 
     1324        if ( '' == $commentdata['comment_content'] ) 
     1325                wp_die( __('Error: please type a comment.') ); 
     1326 
     1327        return $commentdata; 
     1328} 
     1329 
     1330/** 
    12921331 * Adds a new comment to the database. 
    12931332 * 
    12941333 * Filters new comment to ensure that the fields are sanitized and valid before 
     
    13331372 
    13341373        $commentdata['comment_approved'] = wp_allow_comment($commentdata); 
    13351374 
     1375        $commentdata = apply_filters('process_comment', $commentdata); 
     1376 
    13361377        $comment_ID = wp_insert_comment($commentdata); 
    13371378 
    13381379        do_action('comment_post', $comment_ID, $commentdata['comment_approved']); 
  • wp-includes/default-filters.php

     
    179179add_filter( 'tiny_mce_before_init', '_mce_set_direction'                  ); 
    180180add_filter( 'pre_kses',             'wp_pre_kses_less_than'               ); 
    181181add_filter( 'sanitize_title',       'sanitize_title_with_dashes'          ); 
     182add_action( 'check_comment_flood',  'check_comment_flood_duplicate',10, 4 ); 
    182183add_action( 'check_comment_flood',  'check_comment_flood_db',       10, 3 ); 
    183184add_filter( 'comment_flood_filter', 'wp_throttle_comment_flood',    10, 3 ); 
    184185add_filter( 'pre_comment_content',  'wp_rel_nofollow',              15    ); 
     
    190191add_filter( 'pings_open',           '_close_comments_for_old_post', 10, 2 ); 
    191192add_filter( 'editable_slug',        'urldecode'                           ); 
    192193add_filter( 'nav_menu_meta_box_object', '_wp_nav_menu_meta_box_object'    ); 
     194add_filter( 'preprocess_comment',   'disallow_empty_comments',      5     ); 
    193195 
    194196// Atom SSL support 
    195 add_filter( 'atom_service_url','atom_service_url_filter' ); 
     197add_filter( 'atom_service_url', 'atom_service_url_filter' ); 
    196198 
    197199// Actions 
    198200add_action( 'wp_head',             'wp_enqueue_scripts',            1     );