WordPress.org

Make WordPress Core

Ticket #38477: 38477.2.diff

File 38477.2.diff, 3.6 KB (added by mangeshp, 3 years ago)

Updated changes as per the feedback given

  • wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php

    diff --git wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
    index e0ca944..72a48cc 100644
    class WP_REST_Comments_Controller extends WP_REST_Controller { 
    369369                        return $prepared_comment;
    370370                }
    371371
     372                $max_lengths = wp_get_comment_fields_max_lengths();
     373
    372374                /**
    373375                 * Do not allow a comment to be created with an empty string for
    374376                 * comment_content.
    class WP_REST_Comments_Controller extends WP_REST_Controller { 
    376378                 */
    377379                if ( '' === $prepared_comment['comment_content'] ) {
    378380                        return new WP_Error( 'rest_comment_content_invalid', __( 'Comment content is invalid.' ), array( 'status' => 400 ) );
     381                } elseif ( mb_strlen( $prepared_comment['comment_content'], '8bit' ) > $max_lengths['comment_content'] ) {
     382                        return new WP_Error( 'rest_comment_content_length', __( 'Comment content is too long.' ), array( 'status' => 400 ) );
    379383                }
    380384
    381385                // Setting remaining values before wp_insert_comment so we can
    class WP_REST_Comments_Controller extends WP_REST_Controller { 
    419423                        $prepared_comment['comment_author_url'] = '';
    420424                }
    421425
     426                if ( mb_strlen( $prepared_comment['comment_author'], '8bit' ) > $max_lengths['comment_author'] ) {
     427                        return new WP_Error( 'rest_comment_author_column_length', __( 'Author name is too long.' ), array( 'status' => 400 ) );
     428                }
     429                if ( strlen( $prepared_comment['comment_author_email'] ) > $max_lengths['comment_author_email'] ) {
     430                        return new WP_Error( 'rest_comment_author_email_column_length', __( 'Author email is too long.' ), array( 'status' => 400 ) );
     431                }
     432                if ( strlen( $prepared_comment['comment_author_url'] ) > $max_lengths['comment_author_url'] ) {
     433                        return new WP_Error( 'rest_comment_author_url_column_length', __( 'Author url is too long.' ), array( 'status' => 400 ) );
     434                }
     435
    422436                $prepared_comment['comment_agent'] = '';
    423437                $prepared_comment['comment_approved'] = wp_allow_comment( $prepared_comment, true );
    424438
    class WP_REST_Comments_Controller extends WP_REST_Controller { 
    917931                        return new WP_Error( 'rest_comment_content_required', __( 'Missing comment content.' ), array( 'status' => 400 ) );
    918932                }
    919933
     934                $max_lengths = wp_get_comment_fields_max_lengths();
     935
     936                if ( isset( $prepared_comment['comment_author'] ) && mb_strlen( $prepared_comment['comment_author'], '8bit' ) > $max_lengths['comment_author'] ) {
     937                        return new WP_Error( 'rest_comment_author_column_length', __( 'Author name is too long.' ), array( 'status' => 400 ) );
     938                }
     939                if ( isset( $prepared_comment['comment_author_email'] ) && strlen( $prepared_comment['comment_author_email'] ) > $max_lengths['comment_author_email'] ) {
     940                        return new WP_Error( 'rest_comment_author_email_column_length', __( 'Author email address is too long.' ), array( 'status' => 400 ) );
     941                }
     942                if ( isset( $prepared_comment['comment_author_url'] ) && strlen( $prepared_comment['comment_author_url'] ) > $max_lengths['comment_author_url'] ) {
     943                        return new WP_Error( 'rest_comment_author_url_column_length', __( 'Author url is too long.' ), array( 'status' => 400 ) );
     944                }
     945                if ( isset( $prepared_comment['comment_content'] ) && mb_strlen( $prepared_comment['comment_content'], '8bit' ) > $max_lengths['comment_content'] ) {
     946                        return new WP_Error( 'rest_comment_content_column_length', __( 'Comment is too long.' ), array( 'status' => 400 ) );
     947                }
     948
    920949                return apply_filters( 'rest_preprocess_comment', $prepared_comment, $request );
    921950        }
    922951