diff --git wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
index e91fce209f..d00710291b 100644
|
|
|
class WP_REST_Comments_Controller extends WP_REST_Controller { |
| 25 | 25 | protected $meta; |
| 26 | 26 | |
| 27 | 27 | /** |
| | 28 | * List of default allowed comment types |
| | 29 | * |
| | 30 | * @since ?? |
| | 31 | * @access private |
| | 32 | * @var array |
| | 33 | */ |
| | 34 | private $default_allowed_types; |
| | 35 | |
| | 36 | /** |
| 28 | 37 | * Constructor. |
| 29 | 38 | * |
| 30 | 39 | * @since 4.7.0 |
| … |
… |
class WP_REST_Comments_Controller extends WP_REST_Controller { |
| 32 | 41 | public function __construct() { |
| 33 | 42 | $this->namespace = 'wp/v2'; |
| 34 | 43 | $this->rest_base = 'comments'; |
| | 44 | $this->default_allowed_types = array('comment'); |
| 35 | 45 | |
| 36 | 46 | $this->meta = new WP_REST_Comment_Meta_Fields(); |
| 37 | 47 | } |
| … |
… |
class WP_REST_Comments_Controller extends WP_REST_Controller { |
| 140 | 150 | $forbidden_params[] = $param; |
| 141 | 151 | } |
| 142 | 152 | } elseif ( 'type' === $param ) { |
| 143 | | if ( 'comment' !== $request[ $param ] ) { |
| | 153 | if ( false === in_array($request[ $param ], apply_filters( 'rest_allow_comment_types', $this->default_allowed_types, $request ) ) ) { |
| 144 | 154 | $forbidden_params[] = $param; |
| 145 | 155 | } |
| 146 | 156 | } elseif ( ! empty( $request[ $param ] ) ) { |
| … |
… |
class WP_REST_Comments_Controller extends WP_REST_Controller { |
| 482 | 492 | } |
| 483 | 493 | |
| 484 | 494 | // Do not allow comments to be created with a non-default type. |
| 485 | | if ( ! empty( $request['type'] ) && 'comment' !== $request['type'] ) { |
| | 495 | if ( ! empty( $request['type'] ) && false === in_array($request['type'], apply_filters( 'rest_allow_comment_types', $this->default_allowed_types, $request ) ) ) { |
| 486 | 496 | return new WP_Error( 'rest_invalid_comment_type', __( 'Cannot create a comment with that type.' ), array( 'status' => 400 ) ); |
| 487 | 497 | } |
| 488 | 498 | |
| … |
… |
class WP_REST_Comments_Controller extends WP_REST_Controller { |
| 491 | 501 | return $prepared_comment; |
| 492 | 502 | } |
| 493 | 503 | |
| 494 | | $prepared_comment['comment_type'] = ''; |
| 495 | | |
| 496 | 504 | /* |
| 497 | 505 | * Do not allow a comment to be created with missing or empty |
| 498 | 506 | * comment_content. See wp_handle_comment_submission(). |
| … |
… |
class WP_REST_Comments_Controller extends WP_REST_Controller { |
| 673 | 681 | $id = $comment->comment_ID; |
| 674 | 682 | |
| 675 | 683 | if ( isset( $request['type'] ) && get_comment_type( $id ) !== $request['type'] ) { |
| 676 | | return new WP_Error( 'rest_comment_invalid_type', __( 'Sorry, you are not allowed to change the comment type.' ), array( 'status' => 404 ) ); |
| | 684 | if ( !in_array($request['type'], apply_filters( 'rest_allow_comment_types', $this->default_allowed_types, $request ) ) ) { |
| | 685 | return new WP_Error( 'rest_comment_invalid_type', __( 'Sorry, you are not allowed to change the comment type.' ), array( 'status' => 404 ) ); |
| | 686 | } |
| 677 | 687 | } |
| 678 | 688 | |
| 679 | 689 | $prepared_args = $this->prepare_item_for_database( $request ); |
| … |
… |
class WP_REST_Comments_Controller extends WP_REST_Controller { |
| 1118 | 1128 | } |
| 1119 | 1129 | } |
| 1120 | 1130 | |
| | 1131 | if ( ! empty( $request['type'] ) ) { |
| | 1132 | $prepared_comment['comment_type'] = $request['type']; |
| | 1133 | } |
| | 1134 | |
| 1121 | 1135 | /** |
| 1122 | 1136 | * Filters a comment after it is prepared for the database. |
| 1123 | 1137 | * |