Make WordPress Core


Ignore:
Timestamp:
09/13/2013 10:17:51 PM (11 years ago)
Author:
wonderboymusic
Message:

Fix some undefined index notices related to Comment unit tests:

  • There are several places where a $_POST index was unchecked before setting a variable
  • In wp_notify_postauthor(), $comment was being returned null, but its properties were being accessed.
  • In check_ajax_referer(), 3 different values can be checked for nonce on $_REQUEST, but only 1 had an isset()

See #25282.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/comment.php

    r25091 r25433  
    3737        wp_die ( __( 'You are not allowed to edit comments on this post.' ) );
    3838
    39     $_POST['comment_author'] = $_POST['newcomment_author'];
    40     $_POST['comment_author_email'] = $_POST['newcomment_author_email'];
    41     $_POST['comment_author_url'] = $_POST['newcomment_author_url'];
    42     $_POST['comment_approved'] = $_POST['comment_status'];
    43     $_POST['comment_content'] = $_POST['content'];
    44     $_POST['comment_ID'] = (int) $_POST['comment_ID'];
     39    if ( isset( $_POST['newcomment_author'] ) )
     40        $_POST['comment_author'] = $_POST['newcomment_author'];
     41    if ( isset( $_POST['newcomment_author_email'] ) )
     42        $_POST['comment_author_email'] = $_POST['newcomment_author_email'];
     43    if ( isset( $_POST['newcomment_author_url'] ) )
     44        $_POST['comment_author_url'] = $_POST['newcomment_author_url'];
     45    if ( isset( $_POST['comment_status'] ) )
     46        $_POST['comment_approved'] = $_POST['comment_status'];
     47    if ( isset( $_POST['content'] ) )
     48        $_POST['comment_content'] = $_POST['content'];
     49    if ( isset( $_POST['comment_ID'] ) )
     50        $_POST['comment_ID'] = (int) $_POST['comment_ID'];
    4551
    4652    foreach ( array ('aa', 'mm', 'jj', 'hh', 'mn') as $timeunit ) {
Note: See TracChangeset for help on using the changeset viewer.