WordPress.org

Make WordPress Core

Ticket #39732: 39732.11.diff

File 39732.11.diff, 11.1 KB (added by audrasjb, 14 months ago)

Fresh patch for 5.5

  • src/wp-admin/comment.php

    diff --git a/src/wp-admin/comment.php b/src/wp-admin/comment.php
    index f5d4b3320f..94f01d4aa1 100644
    a b switch ( $action ) { 
    335335
    336336                check_admin_referer( 'update-comment_' . $comment_id );
    337337
    338                 edit_comment();
     338                $updated = edit_comment();
     339                if ( is_wp_error( $updated ) ) {
     340                        wp_die( $updated->get_error_message() );
     341                }
    339342
    340343                $location = ( empty( $_POST['referredby'] ) ? "edit-comments.php?p=$comment_post_id" : $_POST['referredby'] ) . '#comment-' . $comment_id;
    341344
  • src/wp-admin/includes/ajax-actions.php

    diff --git a/src/wp-admin/includes/ajax-actions.php b/src/wp-admin/includes/ajax-actions.php
    index 7010262492..cbe41757f1 100644
    a b function wp_ajax_edit_comment() { 
    14101410        if ( isset( $_POST['status'] ) ) {
    14111411                $_POST['comment_status'] = $_POST['status'];
    14121412        }
    1413         edit_comment();
     1413
     1414        $updated = edit_comment();
     1415        if ( is_wp_error( $updated ) ) {
     1416                wp_die( $updated->get_error_message() );
     1417        }
    14141418
    14151419        $position      = ( isset( $_POST['position'] ) && (int) $_POST['position'] ) ? (int) $_POST['position'] : '-1';
    14161420        $checkbox      = ( isset( $_POST['checkbox'] ) && true == $_POST['checkbox'] ) ? 1 : 0;
  • src/wp-admin/includes/comment.php

    diff --git a/src/wp-admin/includes/comment.php b/src/wp-admin/includes/comment.php
    index 4571cd4b76..16c762df36 100644
    a b function edit_comment() { 
    9393                $_POST['comment_date'] = "$aa-$mm-$jj $hh:$mn:$ss";
    9494        }
    9595
    96         wp_update_comment( $_POST );
     96        return wp_update_comment( $_POST, true );
    9797}
    9898
    9999/**
  • src/wp-includes/class-wp-xmlrpc-server.php

    diff --git a/src/wp-includes/class-wp-xmlrpc-server.php b/src/wp-includes/class-wp-xmlrpc-server.php
    index 6e74bf6ca5..6cf0647fd8 100644
    a b class wp_xmlrpc_server extends IXR_Server { 
    37883788                        $comment['comment_author_email'] = $content_struct['author_email'];
    37893789                }
    37903790
    3791                 $result = wp_update_comment( $comment );
    3792                 if ( is_wp_error( $result ) ) {
     3791                $result = wp_update_comment( $comment, true );
     3792                if ( is_wp_error( $result ) || false === $result ) {
    37933793                        return new IXR_Error( 500, $result->get_error_message() );
    37943794                }
    37953795
  • src/wp-includes/comment.php

    diff --git a/src/wp-includes/comment.php b/src/wp-includes/comment.php
    index a001eabad7..46a0fcbf50 100644
    a b function wp_set_comment_status( $comment_id, $comment_status, $wp_error = false 
    23412341 *
    23422342 * @since 2.0.0
    23432343 * @since 4.9.0 Add updating comment meta during comment update.
     2344 * @since 5.5.0 Allow returning a WP_Error object on failure.
    23442345 *
    23452346 * @global wpdb $wpdb WordPress database abstraction object.
    23462347 *
    23472348 * @param array $commentarr Contains information on the comment.
    2348  * @return int The value 1 if the comment was updated, 0 if not updated.
     2349 * @param bool  $wp_error   Optional. Whether to return a WP_Error on failure. Default false.
     2350 * @return int|bool|WP_Error Comment was updated if value is 1, or was not updated if value is 0,
     2351 *                           false, or a WP_Error object.
    23492352 */
    2350 function wp_update_comment( $commentarr ) {
     2353function wp_update_comment( $commentarr, $wp_error = false ) {
    23512354        global $wpdb;
    23522355
    23532356        // First, get all of the original fields.
    23542357        $comment = get_comment( $commentarr['comment_ID'], ARRAY_A );
    23552358        if ( empty( $comment ) ) {
    2356                 return 0;
     2359                if ( ! $wp_error ) {
     2360                        return 0;
     2361                }
     2362
     2363                return new WP_Error( 'invalid_comment_id', __( 'Invalid comment ID.' ) );
    23572364        }
    23582365
    23592366        // Make sure that the comment post ID is valid (if specified).
    23602367        if ( ! empty( $commentarr['comment_post_ID'] ) && ! get_post( $commentarr['comment_post_ID'] ) ) {
    2361                 return 0;
     2368                if ( ! $wp_error ) {
     2369                        return 0;
     2370                }
     2371
     2372                return new WP_Error( 'invalid_post_id', __( 'Invalid post ID.' ) );
    23622373        }
    23632374
    23642375        // Escape data pulled from DB.
    function wp_update_comment( $commentarr ) { 
    23992410        /**
    24002411         * Filters the comment data immediately before it is updated in the database.
    24012412         *
    2402          * Note: data being passed to the filter is already unslashed.
     2413         * Note: data being passed to the filter is already unslashed. Returning 0 or a
     2414         * WP_Error object is preventing the comment to be updated.
    24032415         *
    24042416         * @since 4.7.0
     2417         * @since 5.5.0 Allow returning a WP_Error object on failure.
    24052418         *
    24062419         * @param array $data       The new, processed comment data.
    24072420         * @param array $comment    The old, unslashed comment data.
    24082421         * @param array $commentarr The new, raw comment data.
     2422         * @param bool  $wp_error   Optional. Whether to return a WP_Error on failure.
     2423         *                          Default false.
    24092424         */
    2410         $data = apply_filters( 'wp_update_comment_data', $data, $comment, $commentarr );
     2425        $data = apply_filters( 'wp_update_comment_data', $data, $comment, $commentarr, $wp_error );
     2426
     2427        // Do not carry on on failure.
     2428        if ( is_wp_error( $data ) || 0 === $data ) {
     2429                return $data;
     2430        }
    24112431
    24122432        $keys = array( 'comment_post_ID', 'comment_content', 'comment_author', 'comment_author_email', 'comment_approved', 'comment_karma', 'comment_author_url', 'comment_date', 'comment_date_gmt', 'comment_type', 'comment_parent', 'user_id', 'comment_agent', 'comment_author_IP' );
    24132433        $data = wp_array_slice_assoc( $data, $keys );
    function wp_update_comment( $commentarr ) { 
    24232443
    24242444        clean_comment_cache( $comment_ID );
    24252445        wp_update_comment_count( $comment_post_ID );
     2446
    24262447        /**
    24272448         * Fires immediately after a comment is updated in the database.
    24282449         *
  • src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php

    diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
    index da2457c85a..c3f2f35b8d 100644
    a b class WP_REST_Comments_Controller extends WP_REST_Controller { 
    868868                                );
    869869                        }
    870870
    871                         $updated = wp_update_comment( wp_slash( (array) $prepared_args ) );
     871                        $updated = wp_update_comment( wp_slash( (array) $prepared_args ), true );
    872872
    873                         if ( false === $updated ) {
     873                        if ( is_wp_error( $updated ) || false === $updated ) {
    874874                                return new WP_Error(
    875875                                        'rest_comment_failed_edit',
    876876                                        __( 'Updating comment failed.' ),
  • tests/phpunit/tests/ajax/EditComment.php

    diff --git a/tests/phpunit/tests/ajax/EditComment.php b/tests/phpunit/tests/ajax/EditComment.php
    index 38deb9f160..6380ee42a3 100644
    a b class Tests_Ajax_EditComment extends WP_Ajax_UnitTestCase { 
    3232                $this->_comment_post = get_post( $post_id );
    3333        }
    3434
     35        public function tearDown() {
     36                remove_filter( 'wp_update_comment_data', array( $this, '_wp_update_comment_data_filter' ), 10, 3 );
     37                parent::tearDown();
     38        }
     39
    3540        /**
    3641         * Get comments as a privilged user (administrator)
    3742         * Expects test to pass
    class Tests_Ajax_EditComment extends WP_Ajax_UnitTestCase { 
    126131                $this->assertEmpty( (string) $xml->response[0]->edit_comment[0]->supplemental );
    127132        }
    128133
     134        /**
     135         * @ticket 39732
     136         */
     137        public function test_wp_update_comment_data_is_wp_error() {
     138                // Become an administrator
     139                $this->_setRole( 'administrator' );
     140
     141                // Get a comment
     142                $comments = get_comments( array(
     143                        'post_id' => $this->_comment_post->ID
     144                ) );
     145                $comment = array_pop( $comments );
     146
     147                // Set up a default request
     148                $_POST['_ajax_nonce-replyto-comment'] = wp_create_nonce( 'replyto-comment' );
     149                $_POST['comment_ID']                  = $comment->comment_ID;
     150                $_POST['content']                     = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit.';
     151
     152                // Simulate filter check error
     153                add_filter( 'wp_update_comment_data', array( $this, '_wp_update_comment_data_filter' ), 10, 3 );
     154
     155                // Make the request
     156                $this->setExpectedException( 'WPAjaxDieStopException', 'wp_update_comment_data filter fails for this comment.' );
     157                $this->_handleAjax( 'edit-comment' );
     158        }
     159
     160        /**
     161         * Block comments from being updated by returning WP_Error
     162         */
     163        public function _wp_update_comment_data_filter( $data, $comment, $commentarr ) {
     164                return new WP_Error( 'comment_wrong', __( 'wp_update_comment_data filter fails for this comment.' ), 500 );
     165        }
     166
    129167        /**
    130168         * Get comments as a non-privileged user (subscriber)
    131169         * Expects test to fail
  • tests/phpunit/tests/comment.php

    diff --git a/tests/phpunit/tests/comment.php b/tests/phpunit/tests/comment.php
    index c55c32a153..c3b95606ef 100644
    a b class Tests_Comment extends WP_UnitTestCase { 
    142142                $this->assertEquals( $updated_comment_text, $comment->comment_content );
    143143        }
    144144
     145        /**
     146         * @ticket 39732
     147         */
     148        public function test_wp_update_comment_is_wp_error() {
     149                $comment_id = self::factory()->comment->create( array( 'comment_post_ID' => self::$post_id ) );
     150
     151                add_filter( 'wp_update_comment_data', array( $this, '_wp_update_comment_data_filter' ), 10, 3 );
     152                $result = wp_update_comment( array( 'comment_ID' => $comment_id, 'comment_type' => 'pingback' ), true );
     153                $this->assertWPError( $result );
     154                remove_filter( 'wp_update_comment_data', array( $this, '_wp_update_comment_data_filter' ), 10, 3 );
     155        }
     156
     157        /**
     158         * Block comments from being updated by returning WP_Error
     159         */
     160        public function _wp_update_comment_data_filter( $data, $comment, $commentarr ) {
     161                return new WP_Error( 'comment_wrong', __( 'wp_update_comment_data filter fails for this comment.' ), 500 );
     162        }
     163
    145164        public function test_get_approved_comments() {
    146165                $ca1 = self::factory()->comment->create(
    147166                        array(
  • tests/phpunit/tests/rest-api/rest-comments-controller.php

    diff --git a/tests/phpunit/tests/rest-api/rest-comments-controller.php b/tests/phpunit/tests/rest-api/rest-comments-controller.php
    index e061c1925d..64800b78ac 100644
    a b class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase 
    27902790                $this->assertErrorResponse( 'comment_content_column_length', $response, 400 );
    27912791        }
    27922792
     2793        /**
     2794         * @ticket 39732
     2795         */
     2796        public function test_update_comment_is_wp_error() {
     2797                wp_set_current_user( self::$admin_id );
     2798
     2799                $params = array(
     2800                        'content' => 'This isn\'t a saxophone. It\'s an umbrella.',
     2801                );
     2802
     2803                add_filter( 'wp_update_comment_data', array( $this, '_wp_update_comment_data_filter' ), 10, 3 );
     2804
     2805                $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) );
     2806
     2807                $request->add_header( 'content-type', 'application/json' );
     2808                $request->set_body( wp_json_encode( $params ) );
     2809                $response = rest_get_server()->dispatch( $request );
     2810
     2811                $this->assertErrorResponse( 'rest_comment_failed_edit', $response, 500 );
     2812
     2813                remove_filter( 'wp_update_comment_data', array( $this, '_wp_update_comment_data_filter' ), 10, 3 );
     2814        }
     2815
     2816        /**
     2817         * Block comments from being updated by returning WP_Error
     2818         */
     2819        public function _wp_update_comment_data_filter ( $data, $comment, $commentarr ) {
     2820                return new WP_Error( 'comment_wrong', __( 'wp_update_comment_data filter fails for this comment.' ), array( 'status' => 500 ) );
     2821        }
     2822
    27932823        public function verify_comment_roundtrip( $input = array(), $expected_output = array() ) {
    27942824                // Create the comment.
    27952825                $request = new WP_REST_Request( 'POST', '/wp/v2/comments' );