WordPress.org

Make WordPress Core

Ticket #25385: 25385.patch

File 25385.patch, 1.4 KB (added by nofearinc, 5 years ago)
  • wp-includes/pluggable.php

     
    455455}
    456456endif;
    457457
     458if( !function_exists('is_url') ) {
     459        /**
     460         * Provides minimal validation that a string looks like a URL verifying only that it begins with http or https
     461         * Note that strings without dots (i.e. localhost) are considered valid RFC domain names so validation does
     462         * not look for .com, .net, etc
     463         *
     464         * @since 3.0
     465         * @param string $url A URL to be validated.
     466         * @return boolean
     467        */
     468        function is_url( $url )
     469        {
     470                preg_match( '#http(s?)://(.+)#i', $url, $matches );
     471                if( empty( $matches ) )
     472                        return false;
     473                       
     474                return true;
     475        }
     476}
     477
    458478if ( !function_exists('wp_authenticate') ) :
    459479/**
    460480 * Checks a user's login information and logs them in if it checks out.
  • wp-comments-post.php

     
    111111
    112112$comment_type = '';
    113113
     114if ( ! is_url ( $comment_author_url ) ) {
     115        wp_die( __('<strong>ERROR</strong>: please enter a valid website address.') );
     116}
     117
    114118if ( get_option('require_name_email') && !$user->exists() ) {
    115119        if ( 6 > strlen($comment_author_email) || '' == $comment_author )
    116120                wp_die( __('<strong>ERROR</strong>: please fill the required fields (name, email).') );