Ticket #39732: 39732.11.diff
File 39732.11.diff, 11.1 KB (added by , 4 years ago) |
---|
-
src/wp-admin/comment.php
diff --git a/src/wp-admin/comment.php b/src/wp-admin/comment.php index f5d4b3320f..94f01d4aa1 100644
a b switch ( $action ) { 335 335 336 336 check_admin_referer( 'update-comment_' . $comment_id ); 337 337 338 edit_comment(); 338 $updated = edit_comment(); 339 if ( is_wp_error( $updated ) ) { 340 wp_die( $updated->get_error_message() ); 341 } 339 342 340 343 $location = ( empty( $_POST['referredby'] ) ? "edit-comments.php?p=$comment_post_id" : $_POST['referredby'] ) . '#comment-' . $comment_id; 341 344 -
src/wp-admin/includes/ajax-actions.php
diff --git a/src/wp-admin/includes/ajax-actions.php b/src/wp-admin/includes/ajax-actions.php index 7010262492..cbe41757f1 100644
a b function wp_ajax_edit_comment() { 1410 1410 if ( isset( $_POST['status'] ) ) { 1411 1411 $_POST['comment_status'] = $_POST['status']; 1412 1412 } 1413 edit_comment(); 1413 1414 $updated = edit_comment(); 1415 if ( is_wp_error( $updated ) ) { 1416 wp_die( $updated->get_error_message() ); 1417 } 1414 1418 1415 1419 $position = ( isset( $_POST['position'] ) && (int) $_POST['position'] ) ? (int) $_POST['position'] : '-1'; 1416 1420 $checkbox = ( isset( $_POST['checkbox'] ) && true == $_POST['checkbox'] ) ? 1 : 0; -
src/wp-admin/includes/comment.php
diff --git a/src/wp-admin/includes/comment.php b/src/wp-admin/includes/comment.php index 4571cd4b76..16c762df36 100644
a b function edit_comment() { 93 93 $_POST['comment_date'] = "$aa-$mm-$jj $hh:$mn:$ss"; 94 94 } 95 95 96 wp_update_comment( $_POST);96 return wp_update_comment( $_POST, true ); 97 97 } 98 98 99 99 /** -
src/wp-includes/class-wp-xmlrpc-server.php
diff --git a/src/wp-includes/class-wp-xmlrpc-server.php b/src/wp-includes/class-wp-xmlrpc-server.php index 6e74bf6ca5..6cf0647fd8 100644
a b class wp_xmlrpc_server extends IXR_Server { 3788 3788 $comment['comment_author_email'] = $content_struct['author_email']; 3789 3789 } 3790 3790 3791 $result = wp_update_comment( $comment );3792 if ( is_wp_error( $result ) ) {3791 $result = wp_update_comment( $comment, true ); 3792 if ( is_wp_error( $result ) || false === $result ) { 3793 3793 return new IXR_Error( 500, $result->get_error_message() ); 3794 3794 } 3795 3795 -
src/wp-includes/comment.php
diff --git a/src/wp-includes/comment.php b/src/wp-includes/comment.php index a001eabad7..46a0fcbf50 100644
a b function wp_set_comment_status( $comment_id, $comment_status, $wp_error = false 2341 2341 * 2342 2342 * @since 2.0.0 2343 2343 * @since 4.9.0 Add updating comment meta during comment update. 2344 * @since 5.5.0 Allow returning a WP_Error object on failure. 2344 2345 * 2345 2346 * @global wpdb $wpdb WordPress database abstraction object. 2346 2347 * 2347 2348 * @param array $commentarr Contains information on the comment. 2348 * @return int The value 1 if the comment was updated, 0 if not updated. 2349 * @param bool $wp_error Optional. Whether to return a WP_Error on failure. Default false. 2350 * @return int|bool|WP_Error Comment was updated if value is 1, or was not updated if value is 0, 2351 * false, or a WP_Error object. 2349 2352 */ 2350 function wp_update_comment( $commentarr ) {2353 function wp_update_comment( $commentarr, $wp_error = false ) { 2351 2354 global $wpdb; 2352 2355 2353 2356 // First, get all of the original fields. 2354 2357 $comment = get_comment( $commentarr['comment_ID'], ARRAY_A ); 2355 2358 if ( empty( $comment ) ) { 2356 return 0; 2359 if ( ! $wp_error ) { 2360 return 0; 2361 } 2362 2363 return new WP_Error( 'invalid_comment_id', __( 'Invalid comment ID.' ) ); 2357 2364 } 2358 2365 2359 2366 // Make sure that the comment post ID is valid (if specified). 2360 2367 if ( ! empty( $commentarr['comment_post_ID'] ) && ! get_post( $commentarr['comment_post_ID'] ) ) { 2361 return 0; 2368 if ( ! $wp_error ) { 2369 return 0; 2370 } 2371 2372 return new WP_Error( 'invalid_post_id', __( 'Invalid post ID.' ) ); 2362 2373 } 2363 2374 2364 2375 // Escape data pulled from DB. … … function wp_update_comment( $commentarr ) { 2399 2410 /** 2400 2411 * Filters the comment data immediately before it is updated in the database. 2401 2412 * 2402 * Note: data being passed to the filter is already unslashed. 2413 * Note: data being passed to the filter is already unslashed. Returning 0 or a 2414 * WP_Error object is preventing the comment to be updated. 2403 2415 * 2404 2416 * @since 4.7.0 2417 * @since 5.5.0 Allow returning a WP_Error object on failure. 2405 2418 * 2406 2419 * @param array $data The new, processed comment data. 2407 2420 * @param array $comment The old, unslashed comment data. 2408 2421 * @param array $commentarr The new, raw comment data. 2422 * @param bool $wp_error Optional. Whether to return a WP_Error on failure. 2423 * Default false. 2409 2424 */ 2410 $data = apply_filters( 'wp_update_comment_data', $data, $comment, $commentarr ); 2425 $data = apply_filters( 'wp_update_comment_data', $data, $comment, $commentarr, $wp_error ); 2426 2427 // Do not carry on on failure. 2428 if ( is_wp_error( $data ) || 0 === $data ) { 2429 return $data; 2430 } 2411 2431 2412 2432 $keys = array( 'comment_post_ID', 'comment_content', 'comment_author', 'comment_author_email', 'comment_approved', 'comment_karma', 'comment_author_url', 'comment_date', 'comment_date_gmt', 'comment_type', 'comment_parent', 'user_id', 'comment_agent', 'comment_author_IP' ); 2413 2433 $data = wp_array_slice_assoc( $data, $keys ); … … function wp_update_comment( $commentarr ) { 2423 2443 2424 2444 clean_comment_cache( $comment_ID ); 2425 2445 wp_update_comment_count( $comment_post_ID ); 2446 2426 2447 /** 2427 2448 * Fires immediately after a comment is updated in the database. 2428 2449 * -
src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php index da2457c85a..c3f2f35b8d 100644
a b class WP_REST_Comments_Controller extends WP_REST_Controller { 868 868 ); 869 869 } 870 870 871 $updated = wp_update_comment( wp_slash( (array) $prepared_args ) );871 $updated = wp_update_comment( wp_slash( (array) $prepared_args ), true ); 872 872 873 if ( false === $updated ) {873 if ( is_wp_error( $updated ) || false === $updated ) { 874 874 return new WP_Error( 875 875 'rest_comment_failed_edit', 876 876 __( 'Updating comment failed.' ), -
tests/phpunit/tests/ajax/EditComment.php
diff --git a/tests/phpunit/tests/ajax/EditComment.php b/tests/phpunit/tests/ajax/EditComment.php index 38deb9f160..6380ee42a3 100644
a b class Tests_Ajax_EditComment extends WP_Ajax_UnitTestCase { 32 32 $this->_comment_post = get_post( $post_id ); 33 33 } 34 34 35 public function tearDown() { 36 remove_filter( 'wp_update_comment_data', array( $this, '_wp_update_comment_data_filter' ), 10, 3 ); 37 parent::tearDown(); 38 } 39 35 40 /** 36 41 * Get comments as a privilged user (administrator) 37 42 * Expects test to pass … … class Tests_Ajax_EditComment extends WP_Ajax_UnitTestCase { 126 131 $this->assertEmpty( (string) $xml->response[0]->edit_comment[0]->supplemental ); 127 132 } 128 133 134 /** 135 * @ticket 39732 136 */ 137 public function test_wp_update_comment_data_is_wp_error() { 138 // Become an administrator 139 $this->_setRole( 'administrator' ); 140 141 // Get a comment 142 $comments = get_comments( array( 143 'post_id' => $this->_comment_post->ID 144 ) ); 145 $comment = array_pop( $comments ); 146 147 // Set up a default request 148 $_POST['_ajax_nonce-replyto-comment'] = wp_create_nonce( 'replyto-comment' ); 149 $_POST['comment_ID'] = $comment->comment_ID; 150 $_POST['content'] = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit.'; 151 152 // Simulate filter check error 153 add_filter( 'wp_update_comment_data', array( $this, '_wp_update_comment_data_filter' ), 10, 3 ); 154 155 // Make the request 156 $this->setExpectedException( 'WPAjaxDieStopException', 'wp_update_comment_data filter fails for this comment.' ); 157 $this->_handleAjax( 'edit-comment' ); 158 } 159 160 /** 161 * Block comments from being updated by returning WP_Error 162 */ 163 public function _wp_update_comment_data_filter( $data, $comment, $commentarr ) { 164 return new WP_Error( 'comment_wrong', __( 'wp_update_comment_data filter fails for this comment.' ), 500 ); 165 } 166 129 167 /** 130 168 * Get comments as a non-privileged user (subscriber) 131 169 * Expects test to fail -
tests/phpunit/tests/comment.php
diff --git a/tests/phpunit/tests/comment.php b/tests/phpunit/tests/comment.php index c55c32a153..c3b95606ef 100644
a b class Tests_Comment extends WP_UnitTestCase { 142 142 $this->assertEquals( $updated_comment_text, $comment->comment_content ); 143 143 } 144 144 145 /** 146 * @ticket 39732 147 */ 148 public function test_wp_update_comment_is_wp_error() { 149 $comment_id = self::factory()->comment->create( array( 'comment_post_ID' => self::$post_id ) ); 150 151 add_filter( 'wp_update_comment_data', array( $this, '_wp_update_comment_data_filter' ), 10, 3 ); 152 $result = wp_update_comment( array( 'comment_ID' => $comment_id, 'comment_type' => 'pingback' ), true ); 153 $this->assertWPError( $result ); 154 remove_filter( 'wp_update_comment_data', array( $this, '_wp_update_comment_data_filter' ), 10, 3 ); 155 } 156 157 /** 158 * Block comments from being updated by returning WP_Error 159 */ 160 public function _wp_update_comment_data_filter( $data, $comment, $commentarr ) { 161 return new WP_Error( 'comment_wrong', __( 'wp_update_comment_data filter fails for this comment.' ), 500 ); 162 } 163 145 164 public function test_get_approved_comments() { 146 165 $ca1 = self::factory()->comment->create( 147 166 array( -
tests/phpunit/tests/rest-api/rest-comments-controller.php
diff --git a/tests/phpunit/tests/rest-api/rest-comments-controller.php b/tests/phpunit/tests/rest-api/rest-comments-controller.php index e061c1925d..64800b78ac 100644
a b class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase 2790 2790 $this->assertErrorResponse( 'comment_content_column_length', $response, 400 ); 2791 2791 } 2792 2792 2793 /** 2794 * @ticket 39732 2795 */ 2796 public function test_update_comment_is_wp_error() { 2797 wp_set_current_user( self::$admin_id ); 2798 2799 $params = array( 2800 'content' => 'This isn\'t a saxophone. It\'s an umbrella.', 2801 ); 2802 2803 add_filter( 'wp_update_comment_data', array( $this, '_wp_update_comment_data_filter' ), 10, 3 ); 2804 2805 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2806 2807 $request->add_header( 'content-type', 'application/json' ); 2808 $request->set_body( wp_json_encode( $params ) ); 2809 $response = rest_get_server()->dispatch( $request ); 2810 2811 $this->assertErrorResponse( 'rest_comment_failed_edit', $response, 500 ); 2812 2813 remove_filter( 'wp_update_comment_data', array( $this, '_wp_update_comment_data_filter' ), 10, 3 ); 2814 } 2815 2816 /** 2817 * Block comments from being updated by returning WP_Error 2818 */ 2819 public function _wp_update_comment_data_filter ( $data, $comment, $commentarr ) { 2820 return new WP_Error( 'comment_wrong', __( 'wp_update_comment_data filter fails for this comment.' ), array( 'status' => 500 ) ); 2821 } 2822 2793 2823 public function verify_comment_roundtrip( $input = array(), $expected_output = array() ) { 2794 2824 // Create the comment. 2795 2825 $request = new WP_REST_Request( 'POST', '/wp/v2/comments' );