Changeset 36272 for trunk/tests/phpunit/tests/comment-submission.php

Timestamp:

01/13/2016 01:24:46 AM (10 years ago)

Author:

rachelbaker

Message:

Comments: Restrict the maximum characters for input fields within the comments template.

Added hardcoded maxlength attributes on the author, author_email, author_url, and comment_field input markup. These can be modified via the comment_form_defaults filter. Added logic in wp_handle_comment_submission() to return a WP_Error when the comment_author, comment_author_url, or comment_content values exceed the max length of their columns. Introduces wp_get_comment_column_max_length() which returns the max column length for a given column name, and is filterable. Unit tests included for the error conditions in wp_handle_comment_submission()

Fixes #10377.

Props westonruter rachelbaker.

File:

• trunk/tests/phpunit/tests/comment-submission.php (modified) (1 diff)

trunk/tests/phpunit/tests/comment-submission.php

@@ -591 +591 @@
         $this->assertSame( $error, $comment->get_error_code() );
 
+    }
+
+    /**
+     * @ticket 10377
+     */
+    public function test_submitting_comment_with_content_too_long_returns_error() {
+        $error = 'comment_content_column_length';
+
+        $post = self::factory()->post->create_and_get();
+
+        $data = array(
+            'comment_post_ID' => $post->ID,
+            'comment'         => rand_long_str( 65536 ),
+            'author'          => 'Comment Author',
+            'email'           => 'comment@example.org',
+        );
+        $comment = wp_handle_comment_submission( $data );
+
+        $this->assertWPError( $comment );
+        $this->assertSame( $error, $comment->get_error_code() );
+    }
+
+    /**
+     * @ticket 10377
+     */
+    public function test_submitting_comment_with_author_too_long_returns_error() {
+        $error = 'comment_author_column_length';
+
+        $post = self::factory()->post->create_and_get();
+
+        $data = array(
+            'comment_post_ID' => $post->ID,
+            'comment'         => rand_str(),
+            'author'          => rand_long_str( 255 ),
+            'email'           => 'comment@example.org',
+        );
+        $comment = wp_handle_comment_submission( $data );
+
+        $this->assertWPError( $comment );
+        $this->assertSame( $error, $comment->get_error_code() );
+    }
+
+    /**
+     * @ticket 10377
+     */
+    public function test_submitting_comment_with_email_too_long_returns_error() {
+        $error = 'comment_author_email_column_length';
+
+        $post = self::factory()->post->create_and_get();
+
+        $data = array(
+            'comment_post_ID' => $post->ID,
+            'comment'         => rand_str(),
+            'author'          => 'Comment Author',
+            'email'           => rand_long_str( 90 ) . '@example.com',
+        );
+        $comment = wp_handle_comment_submission( $data );
+
+        $this->assertWPError( $comment );
+        $this->assertSame( $error, $comment->get_error_code() );
+    }
+
+    /**
+     * @ticket 10377
+     */
+    public function test_submitting_comment_with_url_too_long_returns_error() {
+        $error = 'comment_author_url_column_length';
+
+        $post = self::factory()->post->create_and_get();
+        $data = array(
+            'comment_post_ID' => $post->ID,
+            'comment'         => rand_str(),
+            'author'          => 'Comment Author',
+            'email'           => 'comment@example.org',
+            'url'             => rand_long_str( 201 ),
+        );
+        $comment = wp_handle_comment_submission( $data );
+
+        $this->assertWPError( $comment );
+        $this->assertSame( $error, $comment->get_error_code() );
     }