WordPress.org

Make WordPress Core

Ticket #18630: 18630.2.diff

File 18630.2.diff, 4.9 KB (added by mdgl, 5 years ago)
  • wp-includes/comment.php

     
    10951095 *
    10961096 * @global wpdb $wpdb WordPress database abstraction object.
    10971097 *
    1098  * @param array $commentdata Contains information on the comment
    1099  * @return mixed Signifies the approval status (0|1|'spam')
     1098 * @param array $commentdata Contains information on the comment.
     1099 * @param bool $wp_error Whether to return a WP_Error object instead of dying if there is a failure. Default is false.
     1100 * @return mixed Signifies the approval status (0|1|'spam') on success, optionally WP_Error on failure.
    11001101 */
    1101 function wp_allow_comment( $commentdata ) {
    1102         global $wpdb;
     1102function wp_allow_comment( $commentdata, $wp_error = false ) {
     1103        global $wpdb, $_comment_flood_wp_error_flag, $_comment_flood_wp_error_obj;
    11031104
    11041105        // Simple duplicate check
    11051106        // expected_slashed ($comment_post_ID, $comment_author, $comment_author_email, $comment_content)
     
    11281129                 * @param array $commentdata Comment data.
    11291130                 */
    11301131                do_action( 'comment_duplicate_trigger', $commentdata );
    1131                 if ( defined( 'DOING_AJAX' ) ) {
    1132                         die( __('Duplicate comment detected; it looks as though you’ve already said that!') );
     1132                $msg = __( 'Duplicate comment detected; it looks as though you’ve already said that!' );
     1133                if ( $wp_error ) {
     1134                        return new WP_Error( 'duplicate_comment', $msg );
     1135                } elseif ( defined( 'DOING_AJAX' ) ) {
     1136                        die( $msg );
     1137                } else {
     1138                        wp_die( $msg );
    11331139                }
    1134                 wp_die( __('Duplicate comment detected; it looks as though you’ve already said that!') );
    11351140        }
    11361141
     1142        $old_cf_error_flag = $_comment_flood_wp_error_flag;
     1143        $_comment_flood_wp_error_flag = $wp_error;
     1144        if ( $wp_error ) {
     1145                $_comment_flood_wp_error_obj = null;
     1146        }
     1147
    11371148        /**
    11381149         * Fires immediately before a comment is marked approved.
    11391150         *
     
    11521163                $commentdata['comment_date_gmt']
    11531164        );
    11541165
     1166        $_comment_flood_wp_error_flag = $old_cf_error_flag;
     1167
     1168        if ( $wp_error && is_wp_error( $_comment_flood_wp_error_obj ) ) {
     1169                return $_comment_flood_wp_error_obj;
     1170        }
     1171
    11551172        if ( ! empty( $commentdata['user_id'] ) ) {
    11561173                $user = get_userdata( $commentdata['user_id'] );
    11571174                $post_author = $wpdb->get_var( $wpdb->prepare(
     
    12031220        return $approved;
    12041221}
    12051222
     1223// Comment flood detection error handling
     1224
    12061225/**
     1226 * Whether check_comment_flood_db() should die or return a WP_Error object if a comment flood is detected.
     1227 * @global bool $_comment_flood_wp_error_flag
     1228 *
     1229 * The WP_Error object returned by check_comment_flood_db().
     1230 * @global WP_Error $_comment_flood_wp_error_obj
     1231 */
     1232global $_comment_flood_wp_error_flag, $_comment_flood_wp_error_obj;
     1233$_comment_flood_wp_error_flag = false;
     1234
     1235/**
    12071236 * Check whether comment flooding is occurring.
    12081237 *
    12091238 * Won't run, if current user can manage options, so to not block
     
    12181247 * @param string $date MySQL time string.
    12191248 */
    12201249function check_comment_flood_db( $ip, $email, $date ) {
    1221         global $wpdb;
     1250        global $wpdb, $_comment_flood_wp_error_flag, $_comment_flood_wp_error_obj;
     1251        if ( $_comment_flood_wp_error_flag ) {
     1252                $_comment_flood_wp_error_obj = null;
     1253        }
    12221254        if ( current_user_can( 'manage_options' ) )
    12231255                return; // don't throttle admins
    12241256        $hour_ago = gmdate( 'Y-m-d H:i:s', time() - HOUR_IN_SECONDS );
     
    12461278                         */
    12471279                        do_action( 'comment_flood_trigger', $time_lastcomment, $time_newcomment );
    12481280
    1249                         if ( defined('DOING_AJAX') )
    1250                                 die( __('You are posting comments too quickly. Slow down.') );
    1251 
    1252                         wp_die( __('You are posting comments too quickly. Slow down.'), '', array('response' => 403) );
     1281                        $msg = __('You are posting comments too quickly. Slow down.');
     1282                        if ( $_comment_flood_wp_error_flag ) {
     1283                                $_comment_flood_wp_error_obj = new WP_Error( 'comment_flood', $msg );
     1284                                return;
     1285                        } elseif ( defined( 'DOING_AJAX' ) ) {
     1286                                die( $msg );
     1287                        } else {
     1288                                wp_die( $msg, '', array('response' => 403) );
     1289                        }
    12531290                }
    12541291        }
    12551292}
     
    20412078 *
    20422079 * @since 1.5.0
    20432080 * @param array $commentdata Contains information on the comment.
    2044  * @return int|bool The ID of the comment on success, false on failure.
     2081 * @param bool $wp_error Whether to return a WP_Error object if there is a failure. Default is false.
     2082 * @return int|bool|WP_Error The ID of the comment on success, false or WP_Error on failure.
    20452083 */
    2046 function wp_new_comment( $commentdata ) {
     2084function wp_new_comment( $commentdata, $wp_error = false ) {
    20472085        if ( isset( $commentdata['user_ID'] ) ) {
    20482086                $commentdata['user_id'] = $commentdata['user_ID'] = (int) $commentdata['user_ID'];
    20492087        }
     
    20782116
    20792117        $commentdata = wp_filter_comment($commentdata);
    20802118
    2081         $commentdata['comment_approved'] = wp_allow_comment($commentdata);
     2119        $approved = wp_allow_comment( $commentdata, $wp_error );
     2120        if ( $wp_error && is_wp_error( $approved ) ) {
     2121                return $approved;
     2122        } else {
     2123                $commentdata['comment_approved'] = $approved;
     2124        }
    20822125
    20832126        $comment_ID = wp_insert_comment($commentdata);
    20842127        if ( ! $comment_ID ) {