Ticket #28603: 28603.4.diff
File 28603.4.diff, 4.3 KB (added by , 10 years ago) |
---|
-
src/wp-includes/comment.php
23 23 * If all checks pass, the function will return true. 24 24 * 25 25 * @since 1.2.0 26 * @since 4.2.0 The $user_id parameter was introduced. 26 27 * 27 28 * @global wpdb $wpdb WordPress database abstraction object. 28 29 * … … 34 35 * @param string $user_agent Comment author User-Agent. 35 36 * @param string $comment_type Comment type, either user-submitted comment, 36 37 * trackback, or pingback. 38 * @param int $user_id Comment author ID. 37 39 * @return bool If all checks pass, true, otherwise false. 38 40 */ 39 function check_comment( $author, $email, $url, $comment, $user_ip, $user_agent, $comment_type) {41 function check_comment( $author, $email, $url, $comment, $user_ip, $user_agent, $comment_type, $user_id = 0 ) { 40 42 global $wpdb; 41 43 42 44 // If manual moderation is enabled, skip all checks and return false. … … 110 112 */ 111 113 if ( 1 == get_option('comment_whitelist')) { 112 114 if ( 'trackback' != $comment_type && 'pingback' != $comment_type && $author != '' && $email != '' ) { 115 if ( 0 === $user_id ) { 113 116 // expected_slashed ($author, $email) 114 $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' LIMIT 1"); 117 $ok_to_comment = $wpdb->get_var( $wpdb->prepare( "SELECT comment_approved FROM " . $wpdb->comments . " WHERE comment_author = %s AND comment_author_email = %s and comment_approved = '1' LIMIT 1", $author, $email ) ); 118 } else { 119 $ok_to_comment = $wpdb->get_var( $wpdb->prepare( "SELECT comment_approved FROM " . $wpdb->comments . " WHERE user_id = %d AND comment_approved = '1' LIMIT 1", $user_id ) ); 120 } 115 121 if ( ( 1 == $ok_to_comment ) && 116 122 ( empty($mod_keys) || false === strpos( $email, $mod_keys) ) ) 117 123 return true; … … 1301 1307 $commentdata['comment_content'], 1302 1308 $commentdata['comment_author_IP'], 1303 1309 $commentdata['comment_agent'], 1304 $commentdata['comment_type'] 1310 $commentdata['comment_type'], 1311 ( ! empty( $commentdata['user_id'] ) ? (int) $commentdata['user_id'] : 0 ) 1305 1312 ) ) { 1306 1313 $approved = 1; 1307 1314 } else { -
tests/phpunit/tests/comment/query.php
1060 1060 $this->assertEqualSets( array( $c1, $c2, $c3, $c5 ), $found ); 1061 1061 } 1062 1062 1063 /** 1064 * @ticket 28603 1065 */ 1066 public function test_comment_check_with_user_id_and_approved_comment() { 1067 // Make sure comment author has an approved comment. 1068 $this->factory->comment->create( array( 'comment_post_ID' => $this->post_id, 'user_id' => 4, 'comment_approved' => '1', 'comment_author' => 'foo', 'comment_author_email' => 'foo' ) ); 1069 // Use check_comment to make sure comment is approved. Pass in $user_id 1070 $ret = check_comment( 'foo', 'foo@example.com', 'http://example.com', 'This is a comment.', '66.155.40.249', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:35.0) Gecko/20100101 Firefox/35.0', 'comment', 4 ); 1071 $this->assertTrue( $ret ); 1072 } 1073 1074 /** 1075 * @ticket 28603 1076 */ 1077 public function test_comment_check_with_user_id_and_no_approved_comment() { 1078 // Make sure comment author has no approved comments. 1079 $user_id = $this->factory->user->create( array( 'role' => 'subscriber' ) ); 1080 // Use check_comment to make sure comment is held for moderation. Pass in $user_id 1081 $ret = check_comment( 'JukeboxHero', 'hero@jukebox.com', 'http://jukebox.com', 'Man, the show is sold out...', '66.155.40.249', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:35.0) Gecko/20100101 Firefox/35.0', 'comment', $user_id ); 1082 $this->assertFalse( $ret ); 1083 } 1084 1063 1085 public function test_search() { 1064 1086 $c1 = $this->factory->comment->create( array( 'comment_post_ID' => $this->post_id, 'user_id' => 4, 'comment_approved' => '0', 'comment_author' => 'foo', 'comment_author_email' => 'bar@example.com' ) ); 1065 1087 $c2 = $this->factory->comment->create( array( 'comment_post_ID' => $this->post_id, 'user_id' => 4, 'comment_approved' => '0', 'comment_author' => 'bar', 'comment_author_email' => 'foo@example.com' ) );