WordPress.org

Make WordPress Core

Ticket #25385: 25385.patch

File 25385.patch, 1.4 KB (added by nofearinc, 7 months ago)
  • wp-includes/pluggable.php

     
    455455} 
    456456endif; 
    457457 
     458if( !function_exists('is_url') ) { 
     459        /** 
     460         * Provides minimal validation that a string looks like a URL verifying only that it begins with http or https 
     461         * Note that strings without dots (i.e. localhost) are considered valid RFC domain names so validation does  
     462         * not look for .com, .net, etc 
     463         * 
     464         * @since 3.0 
     465         * @param string $url A URL to be validated.  
     466         * @return boolean 
     467        */ 
     468        function is_url( $url ) 
     469        { 
     470                preg_match( '#http(s?)://(.+)#i', $url, $matches ); 
     471                if( empty( $matches ) ) 
     472                        return false; 
     473                         
     474                return true; 
     475        } 
     476} 
     477 
    458478if ( !function_exists('wp_authenticate') ) : 
    459479/** 
    460480 * Checks a user's login information and logs them in if it checks out. 
  • wp-comments-post.php

     
    111111 
    112112$comment_type = ''; 
    113113 
     114if ( ! is_url ( $comment_author_url ) ) { 
     115        wp_die( __('<strong>ERROR</strong>: please enter a valid website address.') ); 
     116} 
     117 
    114118if ( get_option('require_name_email') && !$user->exists() ) { 
    115119        if ( 6 > strlen($comment_author_email) || '' == $comment_author ) 
    116120                wp_die( __('<strong>ERROR</strong>: please fill the required fields (name, email).') );